HIPAA Compliance Finally Made Simple… Find Out How

Medical-grade networks are a must for healthcare organizations. But getting there is a challenge. You’ve got to secure and encrypt inbound and outbound devices on different platforms, from tablets to cell phones to faxes, and all the emails that flow through your system.

You have to secure access for administrators, managers, employees and patients, and the guests at your facility who want to browse the internet. You’ve got to encrypt emails. You’ve got to protect your prescription information in transit from facility to pharmacy. You’ve got to watch for network intrusion.

And there’s the little matter of electronic medical records.

You’re doing it with hardware, software and overtaxed HIPAA compliance officers who are even having to watch your social media posts these days to make sure no image of a patient or protected health information somehow escapes.

And running through this giant ball of technical yarn is handling the strictest identity demands outside of government. Making sure that no unauthorized person makes it through the gates. For every role in a healthcare organization there’s a potential security hole that keeps executives staring at the ceiling at night.

How will a nurse log in to his computer on the floor? How will that doctor on vacation send in that new medication request? How will a patient log in to view her biopsy results? And how will you know it’s actually the real user if they’re simply typing their credentials in?

Identity security – authenticating a person’s identity with absolute assurance before allowing them “in” – is still, even today, a preposterously loose proposition for many networks. Some health organizations still use outdated email addresses, typed passwords and security questions, which amount to Swiss cheese. Logging in with stolen/engineered credentials is always one of the top ways healthcare breaches occur. And it happens over and over and over and over.

Remember, logging in with credentials is anonymous. There’s no way to determine whose hand is on the keyboard. Hackers can easily impersonate someone else by using the internet to answer security questions, grab email addresses, predict passwords and user names and engineer an identity grab. And that’s without any malware or even breaking a sweat. Here’s another scenario: what if a husband steals his wife’s login information to see what she does all day? Are you OK with that?

The only identity security equal to the advanced medical-grade network sophistication you’ve created (or are in the process of creating) is biometric authentication. It’s typically pricey, cumbersome (needs hardware) and complicated, but it’s rock-solid assurance.

Think about it. If no one got into your network because they could not spoof it, hack it or beat it, what would that be worth to you? To your organization? To your compliance officers?

Wouldn’t simply solving the single most pressing vulnerability that your healthcare network faces super-charge your business and free up massive resources for other things? What would it do to your risk management? Would you like to be impregnable or just kinda secure?

What would you pay for biometric software that’s inexpensive, easy to deploy and locks down every device and access point to your network?

Yes – that’s a loaded question because we know the answer. It’s an elegant, simple idea whose time has come. The hand-drawn password. The world’s first biometric password. It’s a biometric (unique to each person, can’t be faked). It’s resettable (simply change the drawing). It’s something you have to know (knowing the characters makes it a multi-factor security method).

And it flexes with whatever input method your user wants: a finger or a mouse. On your network, the software integrates seamlessly wherever you need ID control and pops up to remind users to enter their easy, 4-digit password before proceeding. In seconds, their identity is authenticated and they either receive access or are denied.

No other biometric could handle what healthcare throws at it. Most are hardware-based. Can you afford fingerprint readers for every desk login, every machine – even the secured print jobs? There’s also physical access to think about. For example, for entering a secured area like your pharmacy, a biometric reader will do the trick, but it’s expensive. What if your pharmacist just carried her phone and logged in that way? Wouldn’t that be simple?

Introducing BioSig-ID, the hand-drawn password technology. BioProof-ID and BioTect-ID complete the suite. We think you’ll be impressed. Let’s talk.