The Health Insurance Portability and Accountability Act (HIPAA) applies to any healthcare provider,
health plan, and clearing house that electronically maintains or transmits health information pertaining
to individuals. HIPAA was designed to promote healthcare standards for patient confidentiality,
provide an incentive for electronic communications, create consistent industry standards, and
reduce the administrative costs of healthcare.
The Standards for the Security of Electronic Protected Health Information (the “Security Rule”)
went into effect in April of 2006. The Security Rule requires health care providers, health plans and
clearing houses to have data security standards in place.
The Security Rule and Data Backup
Many of the Security Rule’s standards apply to the backup of data. Health care providers, health
plans and clearing houses must have a contingency plan that will:
“Establish (and implement as needed) policies and procedures for responding to an
emergency or other occurrence (for example fire, vandalism, system failure, and natural
disaster) that damages systems that contain electronic protected health information.”
This contingency plan must include a data backup plan, a disaster recovery plan, and an emergency
mode operation plan. They must also have certain physical safeguards, such as facility access controls.
The Security Rule is further detailed through 18 technical standards and 36 implementation
specifications not covered in this document.
Technical Safeguards Required
Health care providers, health plans and clearing houses must also implement the following technical
safeguards: Encrypt and decrypt electronic protected health information, limit access to electronic
protected health information, put audit controls in place that record and examine activity in
information systems that contain electronic protected health information, and implement technical
security measures to guard against unauthorized access to electronic protected information that’s
being transmitted over an electronic communications network.
SyncCom's Backup and HIPAA Compliance
SyncCom’s Backup and Disaster Recovery Solutions are the Answer
SyncCom can supply any health care provider with a backup and disaster recovery solution that will
meet HIPAA compliance requirements. SyncCom can provide local encryption, and all data is encrypted
as it moves from the SyncCom device to our off-site data centers. Data is never accessible without an
encryption key. SyncCom employees cannot access or read the files without the key.
Encryption is Key
SyncCom encrypts files by using Advanced Encryption Standard (AES) encryption technology. AES
encryption was developed by the U.S. National Institute of Standards and Technology (NIST) and
is now the state-of-the-art standard encryption technique for both commercial and government
applications. AES is the best choice for protecting electronic protected health information (ePHI)
because of its encryption algorithm, its strength and its speed.
To meet the Security Rule’s transmission requirements, each encrypted file is then sent over the
Internet via a secure channel using AES 256 encryption and Secure Sockets Layer (SSL) technology.
As a result, the data is encrypted twice and is also encrypted both to and from SyncCom’s secure bi-coastal
data centers.
Archiving and Restoring
SyncCom keeps all data archived off-site for one calendar year. In addition, all data is stored on the client’s
physical server, laptop, desktop, etc., the local SyncCom device, and then also in bi-coastal
data centers. This creates a redundancy that other BDR hardware and software cannot match. This
redundancy provides IT Service Providers and end-users alike with the comfort of knowing they
have a solution that offers them complete business continuity.
Restoration is also an important element of HIPAA compliance. Backups that cannot be restored
quickly and easily will eliminate the advantage of taking backups at all. In the event of a disaster,
businesses need to get back up and running as fast as possible. SyncCom’s solutions can quickly restore
files and return them to their original location in a decrypted and uncompressed form.
Disclaimer
Nothing in this document is intended to constitute legal advice. For more information about
HIPAA and compliance with HIPAA requirements, please consult your legal counsel. For more information
on SyncCom solutions, please contact us.