Health Insurance Portability and Accountability
The Health Insurance Portability and Accountability Act (HIPAA) was established in 1996 to reform the healthcare industry. Its series of administrative and security procedures ensures that organizations protect the confidentiality of electronic protected health information (EPHI).
The Business Challenge
Many healthcare organizations routinely use IT systems to collect and utilise electronic data – for billing, payments, keeping patient records and for management purposes. Organizations must ensure that personal and confidential information, which can pass between many stakeholders, is protected and HIPAA compliant. To comply with the Act’s Privacy and Security Rules, particular processes and strategies relating to the following, must be put in place:
- levels, policy compliance and appropriate risk management must be assured
- All assets and services must be secure
- Any access to personal/confidential health information must be controlled and tracked
The Safestone Solution
Safestone can help your organization to streamline business processes to HIPAA requirements with a modular and integrated approach that can help define, manage and report on security policy compliance enabling future audits to be passed simply, quickly and efficiently.
Network Traffic Controller enables organizations to meet access control policies by gaining insight to how users are granted access to data, as well as providing an audit trail to identify when users attempted to access what files, when, and from where.
The control of user passwords and access rights to data is critical to HIPAA compliance. User Profile Manager provides flexibility to manage profiles, user lifecycle and passwords across the whole of the System i (iSeries/OS 400) environment.
Risk & Compliance Monitor can immediately identify compliance vulnerabilities across the system, with reports that can be run on a regular basis and consolidated from multiple System i machines.
Multiple Systems Administrator enables the organization to centrally control and synchronize security auditing, reporting, network traffic management, profiles and policy management across the network, consolidating reports on one host machine and offering single sign-on capability.