HIPAA Compliance
The Health Insurance Portability and Accountability Act (HIPAA) is a set of standards for the privacy and protection of all electronic health information. It includes a Privacy Rule and a Security Rule which require healthcare organizations to increase the security of their patient-related data.
BOSaNOVA's Q3 solution addresses the concerns of healthcare organizations that need to remain HIPAA compliant. The Q3 storage security appliance encrypts data at rest without affecting your current backup procedures. Installation is quick and key management is strong yet simple.
HIPAA Regulations
The Technical Safeguards of the Security Rule list a number of technical requirements healthcare organizations must follow to protect health information. The Access Control Standard requires a covered entity to “Implement technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights as specified in § 164.308(a)(4) [Information Access Management].”
Four implementation specifications are associated with the Access Control Standard, one of which is encryption and decryption.
Encryption and Decryption § 164.312(a)(2)(iv)
Where this implementation specification is a reasonable and appropriate safeguard for a covered entity, the covered entity must "Implement a mechanism to encrypt and decrypt electronic protected health information."
Penalties for non-compliance with HIPAA requirements include:
- Civil penalties of $100 per violation up to $25,000 per year for each violation or prohibition violated
- Criminal penalties for knowingly violating patient privacy of up to $250,000 and 10 years imprisonment
For more information please contact us at 800-866-6267 or info@bosanova.net