Encryption technology for the Healthcare enterprise<br />Privacy and Security of PHI<br />Protecting Data at Rest <br />
Health Information Security<br />Adoption and implementation of emerging  health IT solutions must involve reassessment of...
Health Information Security<br />Assessing the health IT environment requires an understanding of all technologies being u...
Encryption<br />Is a process that transforms plaintext data (using a certified algorithm like AES – Advanced Encryption St...
Encryption	<br />The key management and key rotation processes are the most critical aspects of data encryption <br />Most...
Encryption<br />Encryption is part of a comprehensive prevention strategy when used in conjunction with other technologies...
Types of Encryption Solutions<br />Software Solutions<br />Limited security capability with inside employees<br />Sold as ...
Types of encryption solutions<br />Hardware or Appliance-based<br />Lower Total Cost of Ownership – No licensing fees <br ...
Appliance-based Encryption<br />Resides on the network and use a hardware device to encrypt and decrypt at high speeds<br ...
JANA Series Technology<br />Award-winning encryption technology<br />Complies with state and federal security and privacy ...
JANA Series Technology<br />Appliance-based solution offering superior performance and security<br />Easy upgrading and up...
	JANA Series Technology<br />JANA appliances are award winning encryption solutions that completely offload intense crypto...
Installation Diagram<br />
Jana & Dark matter labs<br />Offers an advanced level of security through an appliance-based solution<br />Highest level c...
Who should encrypt?<br />All healthcare providers who access and store protected health information. Hospitals, physician ...
Why encrypt?<br />Protect data even in the event of a security breach<br />Safeguard patient information<br />HIPAA compli...
Jana series encryption <br />www.darkmatterlabs.net<br />
Upcoming SlideShare
Loading in …5
×

Encryption Solutions for Healthcare

1,412 views

Published on

Implementing a professional encryption solution as part of a comprehensive privacy and security strategy for protected health information data-at-rest

Published in: Health & Medicine
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,412
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
26
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Encryption Solutions for Healthcare

  1. 1. Encryption technology for the Healthcare enterprise<br />Privacy and Security of PHI<br />Protecting Data at Rest <br />
  2. 2. Health Information Security<br />Adoption and implementation of emerging health IT solutions must involve reassessment of security practices and policies<br />Healthcare providers are expected to prevent the unauthorized access, use and disclosure of a patient’s protected electronic health information <br />Developing a comprehensive strategy for ensuring the confidentiality, integrity and availability of electronic patient data will be required<br />
  3. 3. Health Information Security<br />Assessing the health IT environment requires an understanding of all technologies being used throughout the enterprise for clinical, and administrative purposes<br />Evaluate any possible situation for unauthorized access and use. Today, many individuals and groups have access to, and can share electronic medical records and confidential patient information, including:<br />Government and public health agencies<br />Insurance companies<br />Hospital and Physician office personnel<br />IT vendors and their business associates<br />Part of the healthcare providers comprehensive security strategy will include a professional grade encryption solution <br />
  4. 4. Encryption<br />Is a process that transforms plaintext data (using a certified algorithm like AES – Advanced Encryption Standard) into a format that makes it unreadable without an authorization key <br />The authorization key is a type of password and is required to encrypt and also decrypt the data<br />Key Management is the process of monitoring the algorithms and the employees keys, and is managed by a key custodian<br />Changing keys regularly is referred to as Key Rotation, and is necessary in order to maintain optimum security levels<br />
  5. 5. Encryption <br />The key management and key rotation processes are the most critical aspects of data encryption <br />Most conventional solutions are time consuming and can be difficult, especially with limited IT staffing and support<br />A simple yet sophisticated technology is necessary in order to manage a continuous cycle of key creation, splitting, initialization, rotation and deletion <br />
  6. 6. Encryption<br />Encryption is part of a comprehensive prevention strategy when used in conjunction with other technologies, and can be a first and last line of defense against:<br />Accidental loss or disclosure of confidential data by employees, business associates and consultants<br />Internal access by employees (malicious)<br />Lost or misplaced laptops<br />Theft<br />Office break-in<br />External breach / Hacker (malicious)<br />
  7. 7. Types of Encryption Solutions<br />Software Solutions<br />Limited security capability with inside employees<br />Sold as individual licenses – can be very expensive <br />Will decrease database performance<br />Difficult and complex key management and rotation<br />Typically requires a dedicated IT staff to manage and support<br />May not support certain operating systems (Linux, Mac OS X)<br />
  8. 8. Types of encryption solutions<br />Hardware or Appliance-based<br />Lower Total Cost of Ownership – No licensing fees <br />Can be installed at web, application or database server<br />Does not effect system speed or performance<br />Minimal integration and IT expertise needed<br />Non-proprietary, can be used with any operating system<br />Scalable to large organizations without additional licensing costs<br />Offloads encryption processing from servers<br />
  9. 9. Appliance-based Encryption<br />Resides on the network and use a hardware device to encrypt and decrypt at high speeds<br />Offloads cryptographic processing from database for improving system performance<br />Scalable to handle any quantity of data<br />Not operating system (OS) dependent. Typically compatible to most IT environments and networks<br />Integrates easily with EMR, Practice Management, Imaging and Clinical information systems<br />Ideal for hosted solutions<br />
  10. 10. JANA Series Technology<br />Award-winning encryption technology<br />Complies with state and federal security and privacy rules<br />Powerful, yet simple key management and key rotation features<br />Works in any operating environment<br />Can be used simultaneously by multiple (different) business applications<br />Scalable to any size healthcare provider, from a physician office to the large, geographically dispersed Integrated Delivery Network (IDN)<br />Manufactured in USA by Dark Matter Labs<br />
  11. 11. JANA Series Technology<br />Appliance-based solution offering superior performance and security<br />Easy upgrading and updating when required<br />State-of-the-art software delivered on a revolutionary hardware platform<br />Offers strict control over encryption keys<br />Increases network performance<br />Can be interfaced with web servers, application servers (recommended), database servers, or customized servers<br />
  12. 12. JANA Series Technology<br />JANA appliances are award winning encryption solutions that completely offload intense cryptographic processing from overworked servers<br />3 Devices designed for small to enterprise-wide applications<br />Employs government certified algorithms<br />Completely independent of database, operating system, and application<br />Units differentiate based on processing power, speed, number of Ethernet ports and high availability capability<br />
  13. 13. Installation Diagram<br />
  14. 14. Jana & Dark matter labs<br />Offers an advanced level of security through an appliance-based solution<br />Highest level customer support with an industry-first perpetual hardware replacement warranty<br />Offers comprehensive technical support and encryption training<br />No hidden costs, licenses or vendor lock-in when purchasing appliance-based technology<br />Simple to install and use<br />
  15. 15. Who should encrypt?<br />All healthcare providers who access and store protected health information. Hospitals, physician offices, pharmacies, clinics, labs, psychiatry offices, imaging centers and dentists<br />Healthcare management organizations, i.e. HMO’s<br />Health Insurance companies <br />Commercial vendors i.e. EMR software, Hospital Information Systems, Billing and Transcription, Hosting services, Imaging Equipment<br />
  16. 16. Why encrypt?<br />Protect data even in the event of a security breach<br />Safeguard patient information<br />HIPAA compliance, and <br />TO AVOID<br />Financial loss (large fines, lost patients & revenue)<br />Legal ramifications (regulatory or civil prosecution)<br />Damage to professional image (negative publicity & media fallout)<br />
  17. 17. Jana series encryption <br />www.darkmatterlabs.net<br />

×