Medical and Healthcare

Problem Statement

Health care practices are among the best examples of the need for security, privacy and mobility. Personal medical records and information concerning medications should always be readily available, but at the same time they should be stored and managed according to clear policies and regulations. In the USA, the Health Insurance Portability and Accountability Act (HIPAA, Title II) establishes national standards for electronic health care transactions and addresses the security and privacy of health data. Adopting these standards has improved the efficiency and effectiveness of the health care system by encouraging the widespread use of electronic data interchange in health care. In turn, this has opened the door to a pervasive risk of exposing private and sensitive information about patients and their medical histories. Healthcare organizations must take appropriate measures to safeguard both patient records and related data communications. This includes measures to ensure the privacy and security of patient-identifiable information (PHI) contained in e-mails or files in order to avoid stiff legal penalties. Some of the still open issues are:

- How to leverage the public Internet to transmit patient data without jeopardizing its integrity and confidentiality.

- How to store medical information with assurances against perimeter security failures or insider threats.

- How to share information without losing control over its usage and tracking all accesses to, and uses of, patient data.

The e-Capsule™ MD Suite.

The e-Capsule™ solution lets healthcare organizations share confidential patient files securely with business associates, patients and health maintenance organizations in accordance with HIPAA regulations. The zero-footprint feature assures that access to life-saving information (such as: identity and contact details, blood type, allergies, current medications, etc.) can be made readily available to authorized users, without requiring previous installation or complicated server authentication. The data transfers between the patient and the provider occurs over an encrypted_channel established and enforced by the e-Capsule™ application launched from the user's personal USB Access Token. Access to sensitive or detailed information can be obtained both through offline multilevel access to local encrypted containers or through online access to an encrypted centralized repository containing all the historical data on the patient's health history. The classification attributes of the stored data allow different users to see hierarchically selected information: patients will view only the data relevant to their condition, while doctors will be able to view, enter and share visual, graphical and even multimedia data on anamnesis, test results, diagnosis and treatments. All outgoing e-mails can be automatically encrypted and protected without substantially impacting how users typically send and receive e-mails. Action logging provides a detailed audit trail to prove when and which information has been disclosed. In summary, the e-Capsule™ MD Suite lets healthcare providers:

• Ensure the confidentiality, integrity, and availability of patient-identifiable information
• Meet a wide range of security needs both within and outside of their healthcare organization
• Deploy secure file sharing and messaging in a manner that does not affect their existing business workflow

Request more information

For more information about e-Capsule™ products for Medical and Healthcare, contact us.