HITECH Act: New Data Security Rules for Healthcare

2 11 2009

A recent Network World article, entitled “HITECH Act: What you need to know about new data-breach guidelines,” focuses on the increasingly strict punishments and fines for organizations that “stumble” in protecting personal health information (PHI). The new law was passed by Congress in February and is now coming into enforcement by the U.S. Department of Health (HHS) and the Federal Trade Commission.

Fines will range from as low as $100 per violation up to $1.5 million or more for knowing and willful violation of data breach rules. The HITECH Act covers healthcare providers, insurers, clearinghouses and also business partners handling personal information regarding individual health records. Other protected information includes names, Social Security numbers, addresses and insurance account numbers.

While the full scope of the law is yet to be revealed, companies in healthcare and related industries need to comply with this rule in 2010. The big mandate is encryption. Organizations are going to have to encrypt effectively among business partners.

Are you ready for the HITECH Act? For more information on the law, please visit: http://hitechanswers.net/.


Complying with Fed Regulations

22 09 2009

Many federal regulations are making MFT not only a better option, but the only option. Data transfers are often performed by a myriad of file transfer products that vary widely in terms of robustness, security and audit capabilities. All efforts to provide an end-to-end view fail as long as file transfers are processed separately using different technology. The same issues that prevent the end-to-end view also prevent a streamlined approach for compliance management and auditing.

As the enterprise-wide deployment of legacy file transfer products is cost-prohibitive, most organizations are riddled with file transfer products, tools and utilities that cannot interoperate. With the amount of data transferred by organizations increasing every day, it is imperative to standardize on a modern, cost-effective managed file transfer solution that adheres to current security and audit requirements including:

  • Sarbanes-Oxley Act (SOX)
  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Basel II