Consulting Services

InfoGard Offers Two New EHR Services - Breach Gap Analysis and Designing for Compliance Training - to Advance Breach Safe Harbor for Providers

InfoGard Oct 22, 2010


SAN LUIS OBISPO, Calif. - InfoGard (www.InfoGard.com), an ONC-Authorized Testing and Certification Body (ONC-ATCB) and NIST accredited IT security laboratory is pleased to announce two new offerings that promise a sea change in the mostly unaddressed but critical area of patient data breaches. The compelling statistics on patient data breaches depicted on the HHS Office of Civil Rights (OCR) website (http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachtool.html) point up the urgency with which the Electronic Health Record (EHR) industry needs to address this rapidly expanding problem. The incidence of lost or stolen media, including laptops and hard drives is a major contributor to these breaches. Recent surveys indicate that preventing data breaches is the number one priority of hospital CIO's. This strongly underscores the importance of protecting EHR data from breaches, something the industry has yet to properly address.

In the recent Interim Final Rule on Breach Safe Harbor (45 CFR Part 160 and 164), a safe harbor is provided for those providers whose EHR systems comply with specified NIST guidelines for data at rest and data in motion. Currently, most EHR applications fail to meet these guidelines and many vendors are not aware that a safe harbor for breach exists. Because of this lack of exposure to the range of NIST security standards and lack of awareness of a legal safe harbor for breach, EHR vendors are at a disadvantage in addressing Breach Safe Harbor for providers in their designs.

InfoGard is pleased to announce two offerings that will provide vendors a path to EHR product compliance with Breach Safe Harbor... First, effective December 1, InfoGard will offer a Gap Analysis that evaluates EHR privacy and security controls against the HHS and NIST requirements for Breach Safe Harbor.

Second, effective February 1, InfoGard will offer training for EHR vendors that addresses the design requirements necessary to comply with NIST cryptographic and IT security guidelines. Together, these services will fill the current void and provide EHR vendors a path forward for providers. EHR vendors with products conforming to these guidelines will be responding to healthcare providers' greatest need - the protection of private patient data from disclosure and attaining breach safe harbor.

InfoGard became the nation's first NIST accredited IT security lab in 1995. Since then, InfoGard has provided IT privacy and security evaluation and design training per NIST standards and guidelines to several industries. Compliance with the NIST data at rest guidelines will eliminate the risks of data breaches associated with stolen or inadvertently disclosed media. Compliance with the NIST data in motion standards will protect data movement within and between provider organizations and enable data transmission interoperability.

Increasingly, Health Information Technology that manages patient data must adhere to NIST security and privacy standards and guidelines for best practice. Anything less will not achieve the foundation of trust necessary to achieve the vision underlying the HITECH act. Until then, providers will continue to struggle with security and privacy challenges such as breach of patient health records.

Pricing for both products is quoted on a case-by-case basis. Please contact Doug Biggs at dbiggs@infogard.com or (805) 783-0810.

About InfoGard Laboratories

InfoGard has been instrumental in developing a number of government and private sector test and certification programs, including NIST's Cryptographic Module Validation Program, programs for postage metering systems in five western countries, and two programs for the payment card industry. InfoGard is also an accredited Common Criteria laboratory. This experienced has provided InfoGard the ability to collaborate successfully with many different organizations in the development of IT testing and certification programs. InfoGard is independent, self-funded and employee owned. For further information, please visit www.infogard.com.

SOURCE

InfoGard

CONTACT: Douglas Biggs of InfoGard, +1-805-783-0810, dbiggs@infogard.com

Web Site: www.infogard.com

White Papers & Case Studies

View All White Papers & Case Studies

View All Resources

All Topics

Manufacturing Innovation

Industry Trends

Engineering & Design

Sales & Marketing

Supply Chain

Career & Workforce

Company News

New Products

Thomas Index

Daily Bite

Find Suppliers, Insights, Tools and More...

Become part of North America's largest and most active network of B2B buyers and industrial/commercial suppliers.

Select From Over 500,000
Industrial Suppliers

Find and evaluate OEMs, Custom Manufacturers, Service Companies and Distributors.

Receive Daily
Industry Updates

Stay up to date on industry news and trends, product announcements and the latest innovations.

Search Over
6 Million Products

Find materials, components, equipment, MRO supplies and more.

Download 2D & 3D
CAD Models

10+ million models from leading OEMs, compatible with all major CAD software systems.
Start Sourcing Suppliers Claim Your Company Profile ico-arrow-default-right
Cookie Policy
Close
Thomas uses cookies to ensure that we give you the best experience on our website. By using this site, you agree to our Privacy Statement and our Terms of Use.
Accept