Managed File Transfer: Preventing Healthcare Identity Theft

17 06 2010

In a recent report by the Smart Card Alliance entitled, “Medical Identity Theft in Healthcare,” the study sites that, “Further evidence of the significance of the medical fraud problem is the allocation of $1.7 billion for fraud detection in the 2011 U.S. Health and Human Services budget.” In 2009 alone, 68 reported healthcare data breaches in the U.S. put over 11.3 million patient records at risk according to the Identity Theft and Resource Center (ITRC).

Paper records are no longer acceptable for your organization.

The American Recovery and Reinvestment Act (ARRA) and the associated provisions under the Health Information Technology  for Economic and Clinical Health (HITECH),  have highlighted the need to address security and privacy across our healthcare system.

The report goes on to state that “the way to stop medical identity theft confusion is to improve patient identification and provide enhanced data production through strong authentication and encryption.” How can a healthcare organization achieve this? B2B Managed File Transfer. Protection of patient information does not happen just inside the four walls of your organization. Think of the providers, health record banks, health insurance and hospital Web portals.

The key is two-factor authentication and data encryption. Are you employing these security methodologies at your organization?


HITECH Act: New Data Security Rules for Healthcare

2 11 2009

In a recent NetworldWorld article, entitled, “HITECH Act: What you need to know about new data-breach guidelines,” the focus is on the increasingly strict punishments and fines on organizations that “stumble” in protecting personal heath information (PHI). The new law was passed by Congress in February and is now coming into enforcement by the U.S. Department of Health (HHS) and the Federal Trade Commission.

Fines will range as low as $100 per violation to up to $1.5 million or more for knowingly and willfully violation of data breach rules. The HITECH Act covers healthcare providers, insurers, clearinghouses and also business partners handling personal information regarding individual health records. Other protected information includes names, Social Security numbers, address and insurance account numbers.

While the full scope of the law is yet to be revealed, companies in healthcare and related industries, need to comply to this rule in 2010. The big mandate is encryption.  Organizations are going to have to encrypt effectively among business partners.

Are you ready for the HITECH Act? For more information on the law, please visit: