Global DataGuard Ensures HIPAA Compliance For Electronic Protected Health Information

Global DataGuard Ensures HIPAA Compliance For Electronic Protected Health Information

Enterprise UTM Products and Services Improve Compliance Posture and Reduce Cost of Ownership

Dallas, Texas, April 21, 2008 – Global DataGuard, the premier provider of Enterprise Unified Threat Management for small and medium business to large enterprise environments today announced that it is offering a full suite of enterprise-class products and services to assist healthcare organizations in successfully implementing Security Standards outlined by the Health Insurance Portability and Accountability Act (HIPAA). Utilizing a fully integrated portfolio of Enterprise UTM products and world-class managed and professional services, Global DataGuard’s HIPAA compliance solution provides for risk-based network assessment, auditing and planning for administrative, physical and technical safeguards, and includes a comprehensive behavioral-based network security architecture to help organizations efficiently and cost-effectively protect confidential healthcare data and electronic healthcare transactions.

To enable healthcare organizations to effectively implement the various provisions of HIPAA, the rule titled “Security Standards for the Protection of Electronic Protected Health Information,” commonly known as the Security Rule, is designed to ensure that Electronic Protected Health Information (EPHI) is available only to those individuals who should have access to it. The Security Rule specifies a series of administrative, physical and technical procedures for covered entities to use to protect the confidentiality of EPHI. Covered entities such as Healthcare Providers, Health Plans, and Healthcare Clearinghouses must comply with these requirements and implementation specifications in order to avoid potential sanctions and fines. Compliance with the Security Rule standards also reduces the risk of lawsuits and damage to an organization’s reputation.

“With the move toward a National Health Information Infrastructure (NHII) and greater use of electronic health records, protecting the confidentiality, integrity, and availability of EPHI is more critical than ever,” stated Dean A. Trumbull, vice president and chief operating officer for Global DataGuard. “Our actionable, predictive Enterprise UTM security suite and 24/7 Managed Services align with the administrative, physical and technical safeguards as defined by the Security Rule – enabling healthcare organizations to improve their compliance posture, reduce infrastructure costs and avoid expensive sanctions and penalties for non-compliance.”

Maintaining Compliance Makes Good Business Sense

Global DataGuard’s extensive experience in supporting organizations working toward improving their compliance posture extends to all aspects of internal and external IT security. It includes behavioral analysis and correlation, security monitoring, vulnerability management, network access management/monitoring, assessment, training, project management, policies and procedures, and regulatory compliance audits. This holistic, behavioral-based approach to security integration enables Global DataGuard to address administrative, physical and technical safeguard requirements within the Security Rule by providing:

  • A risk-based methodology to help customers regularly audit IT systems, policies and procedures to ensure that they align with HIPAA requirements;
  • Evaluation of, and regular reviews for administrative, physical and technical security controls, with assessments and recommendations for areas in need of improvement;
  • Full lifecycle device management, including change and configuration management;
  • Workforce and training policy audits and assessment;
  • Annual vulnerability assessments and evaluation of an organization’s electronic security perimeter to determine HIPAA compliance;
  • Ongoing rule-set changes and firewall monitoring to identify signs of attack;
  • Detailed web-based reporting through the Global DataGuard Portal;
  • Monitoring of network access points to detect, prevent, deter, and mitigate the introduction, exposure and propagation of malware;
  • Assistance with development and implementation of an Incident Response Plan to ensure that it meets or exceeds minimum HIPAA requirements for classification, response, reporting, and documentation; and
  • Regular recovery and disaster backup plan audits to identify gaps that should be addressed in order to successfully respond to an emergency or other occurrence that damages systems containing EPHI.

From auditing to technology, process and policy, Global DataGuard’s fully integrated, behavioral based Enterprise UTM++ security suite and All-n-One Security Module can help customers cost-effectively achieve and maintain ongoing regulatory compliance within their unique vertical market, whether it’s for HIPAA, PCI , SOX or NERC CIP.