Can File sharing be Easy And Secure for Protected Health Information (PHI)?
Health data breach spending is projected to reach $70 Billion by 2015 related to EHR (Electronic Health Record) systems and mobile technology to meet government compliance standards. (The Boyd Company)
With recent examples of major data breaches and increased regulatory oversight to secure PHI, healthcare entities are questioning existing methods for file sharing and collaboration. These include common web-based file sharing services that may be unsecure and difficult or impossible to audit by the IT and compliance organizations.
Central to achieving HIPAA compliance and meaningful use qualification is securing PHI data within the enterprise and externally when communicating with partners, suppliers, payers, and providers. The best way to secure PHI data is to encrypt it effectively. This includes PHI data in transport and at rest. Tracking and auditing the file transfer process will also help healthcare organizations through upcoming meaningful use qualifications.
The question is whether complete security can be obtained easily with broad end-user adoption, integration with current systems, and seamless handling of large files. Securing patient information should be as easy as email without any of the hassles.
Thankfully, secure file transfer technology is encrypted, can integrate with existing systems, handles large files with ease, and will provide IT with automatic auditing and reporting across the enterprise. Best of all, user adoption should be immediate.
In the following Network World article, Ellen Messmer discusses how enterprises are beginning to secure PHI data with ease, avoiding the data breach risks that can be introduced by commonly used file-sharing services.
http://www.networkworld.com/news/2012/031512-cloud-file-sharing-257296.html
PHI breaches doubled in 2011
According to Redspin consulting, as reported in infosecurity, the number of patient record breaches has doubled last year.
Redspin cites the increasing concentration of protected health information (PHI) on unencrypted portable devices and the lack of sufficient oversight of PHI disclosed to hospital’s business associates as the main reasons for the increase.
Here at Biscom, we’re definitely seeing an uptick in demand for our secure file transfer solution from our healthcare customers – there are serious consequences, both in terms of financial liability as well as reputation that are at stake. NIH, Mass General Hospital, Children’s Hospital, Medtronic, and many more healthcare organization trust us to transmit their PHI securely. Contact us if you’re facing similar issues – we can help!
Knowing is Half The Battle – A Discussion About Law Firm Security
Video Run Time – 2:26
Law firms face the daily task of protecting themselves and their clients from breaches of confidential data that could lead to noncompliance with government regulations, large fines, damaged reputations, and loss of business. What some firms are not aware of is that the most ordinary tools and practices – from emails to software configurations – can open a legal organization up to breaches.
Biscom is hosting a webinar on the issue of law firm security and the hidden dangers that lurk within firms. Our Legal Practice Director, Charlie Magliato, will be joined by Jeffrey Brandt, Editor of the Pinhawk Law Technology Daily Digest and noted legal technology thought leader. They will discuss the vulnerabilities posed by the proliferation of mobile devices, the consumerization of technology and cloud computing. In addition, they will also talk about the following which can be helpful to a law firm as they assess their security program:
- High-profile data breaches – law firms are no longer immune.
- Culture and technology pressures that contribute to increased risks
- The increasing demands of both national and state government regulations
- How employees, clients and vendors contribute to data breaches
- Current and emerging security best practices
Webinar Details:
Date: Wednesday, January 25, 2012
Time: 12:00 pm – 1:00 pm EST
Biscom announces new legal clients
Biscom’s legal business continues to grow! We are pleased to announce the addition of 5 new legal clients. Our growth is the result of Biscom’s laser focus on the legal industry. During the last 2 years Biscom has collaborated with our legal clients to identify and deliver features and enhancements to better meet the secure document needs of law firms and corporate legal departments. Of particular focus for us has been the litigation and practice support groups that have a need for a high performance file and folder upload capability to support production discovery environments. We are also hearing from law firms that are increasingly concerned about the unsanctioned use of hosted file transfer services that increase the firm’s exposure to unauthorized access to confidential client data. Our strong encryption and authentication features as well as on-premise deployment are critical to helping our legal clients offer an easy to use, firm sanctioned self service secure file transfer facility to attorneys and administrative staff. And we are not resting on our laurels. Stay tuned for future announcements of product enhancements designed to improve attorney/client collaboration.
BDS in FIPS 140-2 in CMVP certification process
Biscom Delivery Server is now “in process” for FIPS 140-2 certification. FIPS 140-2 (Federal Information Processing Standard) certification is a US Government security standard for accrediting cryptographic modules. The National Institute of Standards and Technology (NIST) defines the cryptography requirements in its FIPS 140-2 publication, and software like BDS must pass the Cryptographic Module Validation Program (CMVP) in order to receive certification. Level 1 is geared towards software solutions, whereas level 2 is required for hardware solutions that have physical security mechanisms.
Nashville consulting company exposes personal information of 18,000 students
The unfortunate victims of this latest data breach of student and parent records was discovered when a mother Googled her child’s name and turned up his social security number. In all, 18,000 student records and information about 6000 parents were also exposed when strategy consulting company Public Consulting Group accidentally left this information on an unsecure server that was indexed by Google.
Dialogic congratulates Biscom on 25th anniversary
We just recently celebrated our 25th anniversary as an enterprise software company providing document delivery solutions globally, which include customers from 30 of the Fortune 100 companies. Thanks for the note Dialogic!
Secure File Transfer for Human Resources at Zuckerman Spaeder LLP
We have a lot of customers using BDS for HR – obviously HR departments have lots of personal information and they do have to work with insurance companies, health plans, payroll, etc. Zuckerman Spaeder LLP, a top law firm with offices in Washington, New York, Tampa, and Baltimore, started off using BDS in its HR department. News of the success led to the expansion of BDS to its litigation support team, and now is firm-wide.
CIO Shawn Mitowski just penned an article on FindLaw detailing how he chose Biscom’s secure file transfer solution to solve the security concerns of e-mail, and other unsecure methods to exchange documents. Big selling points were ease of use and security, as well as large file support. Thanks for the nice article Shawn!
Harvard vs. Yale – now data breaches replace football rivalry
The Ha
rvard and Yale football rivalry is the second oldest continuing rivalry in college football history. “The Game” pits Harvard Crimson against Yale Bulldogs and goes back to 1875.
However, there’s another rivalry that neither Harvard or Yale cares to win – being the unfortunate victim of a data breach. In February 2008, hackers accessed about 10,000 personal records from Harvard, including 6,000 social security numbers. Just last month, Yale discovered that an FTP server was indexed by Google after a search algorithm change, resulting in the names and social security numbers of 43,000 faculty, staff, and students made publicly available for ten months.
Their recourse – credit monitoring service for a year. Doesn’t really solve the problem, but it does end up costing these universities quite a bit of money. Or, they could have invested a small fraction of the cost and penalties in technology and solutions that would have mitigated or even prevented these problems entirely. These two prominent institutions of higher learning should worry less about losing “The Game” and more about losing their data and information assets.
BDS 4.1 released with AV and PayPal integration
We’re excited to announce Biscom Delivery Server version 4.1 with two major integrations: anti-virus and PayPal.
We’ve partnered with OPSWAT and have tightly integrated their AV product Metascan, which uses three separate AV engines to scan any files transferred through BDS for threats.
We’ve also added the ability to easily add e-commerce to your file transfers. Using PayPal, BDS senders can charge recipients for any delivery. Recipients who want to download your files can pay with their credit card or PayPal account, and once that transaction is complete, are able to retrieve the files.
Biscom Delivery Server 
You must be logged in to post a comment.