Healthcare

Industry Challenge

Ensuring the privacy, confidentiality, integrity and security of personal health information is the cornerstone of regulations such as the Health Insurance Portability and Accountability Act (HIPAA) in the U.S. HIPAA contains provisions that specifically govern access to, uses and disclosures of an individual’s protected health information (PHI). HIPAA also requires physical and technical safeguards to protect the confidentiality, integrity and availability of PHI in electronic form. Specifically, it prohibits the unauthorized access, disclosure, use, duplication, modification, diversion, destruction, storage, loss, misuse, or theft of medical (hard copy or electronic) records such as email, information, software or hardware as relates to PHI.

HIPAA and other data protection regulations such as the EU Data Protection Act require that all organizations and business which process, maintain, store, or exchange PHI, regardless of size, be governed under their provisions. The reach of the regulations goes beyond health care providers and insurance companies to include companies maintaining employee health records, public health authorities, organ donation banks, pharmacies, long-term facilities, billing agencies and any other organizations that have access to these records. Healthcare organizations regardless of their location, understand that the privacy, confidentiality, integrity and security of PHI is a fundamental necessity and have looked to solutions to help provide them the tools to ensure that the management of their ESI is compliant with relevant regulations.

Industry Challenges

Ensure integrity, security, privacy of protected health information (PHI)
Automatically and consistently capture, archive, secure, store and retain ESI
Enhance infrastructure optimization and excess capacity
Manage and enforce retention policies
Granular role definition for access to ESI
No audit trail on ESI access, modification or deletion
Redundant storage capabilities for ESI
Integrated redundancies and high availability of ESI

Nayatek Benefits

Ensure the integrity, security and privacy of PHI

Datosphere provides a tamper resistant archive, native encryption, granular role definition and a comprehensive audit trail to ensure that PHI remains protected and can only be accessed by those with the proper authorization.

Forensic security model and comprehensive audit trail

Datosphere’s forensic security model is built into the architecture, not bolted on later. It ensures that all records are secure and the content is original and unchanged. Comprehensive auditor approval processes and audit logs demonstrate a historical record of what has been done with the archives, searches and the overall system.

Granular role definitions protect integrity and privacy of data

Granular user role designation allows an organization to separate admin tasks from the ability to search the archives thus ensuring secure access control to the archives. The ability to delegate discovery and compliance tasks to non-IT personnel while protecting system operations empowers organizations to execute upon their policies.

Maintain high availability of archived ESI and PHI

Organizations can deploy and maintain a complete, duplicate archiving infrastructure at a separate location where the two sites are really all part of one installation. Datosphere intelligently knows which site they belong to and processes them accordingly. Both sites independently store and index the documents so that in the event of a primary site failure, archiving and discovery can continue uninterrupted at the disaster recovery site.

Easily set and enforce retention policies

Organizations can centrally set and enforce flexible retention policies to control the size and rate of growth of the archive. During retention periods, organizations can ensure that the ESI is available, readily searchable and can be quickly produced at any point.

Search

Solutions

Resources