AUSTIN, Texas--(BUSINESS WIRE)--The HIPAA Omnibus rule, enforceable as of Sept. 23, 2013, extends security and privacy requirements to business associates and contractors, such as billing companies and those that perform services on behalf of a health care provider. The rule also increases the penalties for non-compliance. As organizations rush to comply with the new rules, many are turning to Gazzang, the big data security experts, for help securing protected health information (PHI), and partner RISC Management to assess, document, and achieve compliance.
“Every year, the sensitive medical records of millions of Americans are exposed in a data breach. These breaches are occurring at alarming rates, and the risk of exposure is only going to increase as records are shared with third parties and new health insurance exchanges (HIEs) come online,” said Larry Warnock, CEO at Gazzang. “Data encryption and key management play a key role in helping organizations protect electronic PHI by securing the data at rest and restricting access to the sensitive files. This is also a fundamental security layer for enabling HIPAA compliance.”
Gazzang zNcrypt™ for Health Care can be applied easily, quickly, and economically as a solution for data privacy and security requirements defined within HIPAA and HITECH. Through AES-256 encryption, advanced key management and process-based access controls, zNcrypt provides transparent data encryption for any database or application running on Linux, including big data environments. Additionally, Gazzang zTrustee™ protects the Gazzang encryption keys with several layers of advanced techniques to ensure the key is only accessible by authorized parties. In the event of a data breach, encryption can help organizations protect sensitive PHI and may enable them to claim “Safe Harbor.”
“Data breaches such as the one experienced by Advocate Health Group affecting more than four million patients, and the subsequent huge class action lawsuit need not occur. A thorough risk analysis, as required by HIPAA, and implementation of stable, supportable encryption technology could have saved the organization a great deal of cost and time, and more than four million patients a lot of stress,” said Chris Heuman, Practice Leader at RISC Management.
Leading healthcare organizations that rely on Gazzang encryption and key management solutions include Castlight Health, Children’s Hospital of Boston, Children’s Mercy Hospital, Emory University, Hartford Health, Johnson & Johnson, Kaiser Permanente, RxApps, Tonic Health, UCLA Health Sciences, University of Michigan Health System and more.
Gazzang and RISC Management are hosting a webinar titled, “Are You Ready for the Final HIPAA Omnibus Rule Changes?” on Wednesday, Nov. 6 at 12:00 p.m. ET. Click here to register and learn what constitutes a breach and how best to protect regulated data such as ePHI.
Product overview: Encryption and Key Management for Health Care Data
Infographic: Can Healthcare Data Be Secure in the Cloud?
Case study: Tonic Health
Compliance guide: HIPAA and HITECH Regulations
Gazzang provides data security solutions and expertise to help enterprises protect sensitive information and maintain performance in big data and cloud environments. Our technology enables SaaS vendors, health care organizations, financial institutions, public sector agencies and more to meet regulatory compliance initiatives, secure personally identifiable information and prevent unauthorized access to sensitive data and systems. The company is headquartered in Austin, Texas and backed by Austin Ventures and Silver Creek Ventures. For more information, visit www.gazzang.com.
About RISC Management
RISC Management is an organization dedicated to data privacy and information security, focused primarily on healthcare, banking and finance, and higher education. RISC helps to protect the regulated and sensitive data of our clients and their customers. RISC provides a wide array of compliance and security services to help ensure our clients understand legal and industry requirements. Our experts identify, analyze, document, and remediate risks and vulnerabilities to protect sensitive information. For more information visit www.RISCsecurity.com.