Managed File Transfer: Preventing Healthcare Identity Theft

17 06 2010

In a recent report by the Smart Card Alliance entitled, “Medical Identity Theft in Healthcare,” the study sites that, “Further evidence of the significance of the medical fraud problem is the allocation of $1.7 billion for fraud detection in the 2011 U.S. Health and Human Services budget.” In 2009 alone, 68 reported healthcare data breaches in the U.S. put over 11.3 million patient records at risk according to the Identity Theft and Resource Center (ITRC).

Paper records are no longer acceptable for your organization.

The American Recovery and Reinvestment Act (ARRA) and the associated provisions under the Health Information Technology  for Economic and Clinical Health (HITECH),  have highlighted the need to address security and privacy across our healthcare system.

The report goes on to state that “the way to stop medical identity theft confusion is to improve patient identification and provide enhanced data production through strong authentication and encryption.” How can a healthcare organization achieve this? B2B Managed File Transfer. Protection of patient information does not happen just inside the four walls of your organization. Think of the providers, health record banks, health insurance and hospital Web portals.

The key is two-factor authentication and data encryption. Are you employing these security methodologies at your organization?





Protecting Your Data and Your Partnerships

24 05 2010

In an Information Week Analytics report, “Inside Out: Protecting Your Partnerships and Your Data,” Curtis Franklin, Jr. of Dark Reading writes, “Partners are a critical element (to enterprise security) – in fact, their importance is matched only by the potential threat they pose to the security of corporate data and the network infrastructure. For IT professionals, the vital question is how to balance trust versus risk in enabling communication between the organization and partners.”

Secure all points of contact with partners.

The report adds, “there have been instances in which partner connections were used to steal data or sabotage computer systems. These breaches show us that enterprises must stay vigilant about security, even in dealing with their closest and most trusted suppliers.” Other findings? “The difference between employee and partner risk varies by industry – in food service, partners accounted for as many as 70 percent of breaches; in the technology arena, partners accounted for only 18 percent.”

Organizations must be wary of:

  • the introduction of malware
  • confidential software theft
  • the data at risk – proprietary, intellectual property to private customer information

While concrete corporate security policies, firewalls and other security measures, help alleviate the threat, how do you ensure B2B partner and trading partner security is achieved while still optimizing those partnerships, making it easier for your partners to do business with you?

B2B Managed File Transfer – From secure ad-hoc file transfer to EDI to enterprise-wide Managed File Transfer a complete B2B communications solution can prevent these breaches from happening to you. Because whether the breach is accidental or intentional, the damage has still been done.





Data Breaches: Stop the Insanity!

10 05 2010

In a recent article by the Identity Theft Resource Center (ITRC), entitled, “Data Breaches: The Insanity Continues,” the ITRC discusses the highlights of 2009 data breaches:

  • Paper breaches account for nearly 26 percent of known breaches (an increase of 46 percent over 2008)
  • Business sector climbed from 21 percent to 41 percent between 2006 to 2009, the worst sector performance by far
  • Malicious attacks have surpassed human error for the first time in three years
  • Out of 498 breaches, only six reported that they had either encryption or other strong security features protecting the exposed data

What will the stats be for 2010? Take Preventative Measures.

The article goes on, stating, “Insanity might well be defined as repeating the same action again and again, and expecting a different outcome.” So, the ITRC compiled a list related to how businesses are addressing data breaches and security:

  • Insanity 1 – Electronic Breaches: After all the articles about hacking and the ever-growing cost of a breach, why isn’t encryption being used to protect personal identifying information? Proprietary information almost always seems to be well protected. Why not our customer/consumer personal identifying information (PII)?
  • Insanity 2 – Paper breaches: Why aren’t more state legislators passing laws about rendering paper documents unreadable prior to disposal if they contain PII? Do we dare ask that those laws be actually enforceable? Perhaps we are waiting for paper breaches to reach 35% of the total.
  • Insanity 3 – Breaches happen: Deal with it! You will get notification letters. Breach notification does not equal identity theft. Let’s stop the “blame game” and instead require breached entities to report breach incidents via a single public website. This would allow analysts (and law enforcement) to look for trends and link crimes to a single ring or hacker faster.
  • Insanity 4 – A Breach is a Breach: Let’s not kid ourselves. “Risk of harm” is not a useful standard for determining if the public and consumers should be notified about a breach, especially if the company involved gets to define “risk of harm.” If it is your #$@%2 SSN that is out on the Internet, do YOU think there is “risk of harm?” Some companies might say “no.”
  • Insanity 5 – Data on the Move: You will notice that statistically this is a bright spot, with a decreasing incidence in the past 3 years. But, really! This is 100% avoidable, either through use of encryption, or other safety measures. Laptops, portable storage devices and briefcases full of files, outside of the workplace, are still “breaches waiting to happen.” With tiered permissions, truncation, redaction and other recording tools, PII can be left where it belongs – behind encrypted walls at the workplace.

So how are you protecting your data internally and externally?





Efficiency and Growth with B2B Communications

6 05 2010

Efficiency and growth are key concerns to businesses in a global market. A B2B solution’s flexibility should allow you to easily integrate with back-end systems like EDI translators and databases, or application to application – migrating those legacy systems into a secure and automated file transfer system. A true B2B file transfer solution provides real-time visibility to all transfers and data exchanges taking place – creating greater efficiency and resulting in avoidance of fines due to SLAs, payment delays and performance gaps.

Growth is easy when you can on-board new partners quickly and securely. You can provide your partners with tools that make it easier for them to do business with you. In a business environment that is full of mergers and acquisitions and technology consolidations, data management is critical. The need  for an easy and manageable way to keep control becomes more and more apparent. Managed File Transfer is one of the easiest ways to get your data under control, ensuring it’s secure while in transit – every  step of the way.

B2B Managed File Transfer provides security at the highest level while also providing visibility to transactions. Meet necessary compliance and regulatory standards, manage your data exchanges with 100 percent up-time, merge disparate systems to create a seamless flow of information and position your enterprise for growth. Additionally, B2B MFT allows you to manage your data exchanges through secure, multi-industry protocols. This increased security also resolves ad hoc communication issues, including large files or attachments containing sensitive information.