1 Secure Cloud Hosting for Healthcare Organizations
2 FIREHOST MISSION
Our core is an unshakable, no-compromise commitment to protect our customers' digital assets with integrity and innovation by utilizing our expert experience in security, compliance, performance, and service.
3 FIREHOST PILLARS
- Security: Fully managed security protecting you from real threats
- Compliance: Exceeding compliance requirements to reduce your risk
- Performance: Benchmarked performance - there's no competition
- Service: Flexibility and control at your fingertips - backed by experts
Noted in Gartner's 2012 Magic Quadrants for Managed Hosting & Public Cloud
4 GEOGRAPHIC DIVERSITY
- US, EU, and APAC Data Centers
- Full High-Availability Cloud Architecture
Map legend: Data Center Locations, CDN Points of Presence, DNS Points of Presence, Secure MPLS Network
5 HIPAA INCIDENTS
- Utah Department of Health: 780,000 affected individuals. The breach was discovered more than 30 days after the server hack. 1 year of free credit monitoring and insurance (estimates of up to $234 million on the monitoring portion alone).
- Sutter Medical Foundation: 943,000 individuals affected. 11 lawsuits totaling between $944 million and $4.25 billion.
- Tricare Management: 4,901,432 individuals affected. $4.9 billion sought in a class action lawsuit (even with exhausted insurance from SAIC, the best-case scenario is that Tricare is out a $10 million deductible).
6 HIPAA INCIDENTS: But there's more
- June 13, Stanford reports 5th big HIPAA breach (additional 13,000 records).
- January 9, Stanford has breach (57,000 records) after an unencrypted company laptop containing patient medical information was stolen from a physician's car.
- July 2013: Stanford University Medical Center loses 2,500 patient records in a HIPAA breach after an unencrypted desktop was stolen.
- Notified 20,000 patients that their protected information was wrongly posted on a student website (resulted in a $20 million lawsuit).
7 HIPAA PENALTIES
Fines are trickling down and will continue to get worse!
- September 23rd, 2013: HIPAA Omnibus went into effect
- Increased civil penalty structure required under the HITECH Act (penalties as high as $1.5 million per violation now)
- BAA (Business Associate Agreements) mandatory
- Smaller employers are finding themselves on the receiving end of HIPAA audits. Now is a good time to review all your information technology and HIPAA compliance programs to make sure all required safeguards are in place.
- Computer Networks: The HHS's Federal Office for Civil Rights (OCR) has stepped up HIPAA audits including covered entities. Significant monetary fines have been levied, up to millions of dollars, for what appeared to be small issues.
8 A Layered Explanation: THE HEALTHDATA REPOSITORY
Move your healthcare data to a secure HealthData Repository
A FireHost HealthData Repository can provide a safe haven for regulated healthcare data. Leverage the HITRUST certified private cloud infrastructure to decouple health records from existing IT environments.
9 Current Situation
- HIPAA-regulated data sits in a monolithic IT environment
- High risk and broad scope for compliance
- Burdened by slow audit times and high costs
- Vulnerable to threats
10 Why a Secure HealthData Repository?
- Reduce the scope of compliance for faster, more cost-effective audits
- Increase the security of sensitive data
11 Reduce Risk
- Decouple regulated data from local infrastructure
- Access to sensitive data restricted and secured
- HITRUST-certified and BAA friendly
12 Security
Multiple layers of fully managed security:
- Web application firewalls
- Unlimited firewall zones
- IP reputation management
- DDoS mitigation
- SSLVPN/L2LVPN secure access
- Physically isolated secure SAN
13 Compliance
HITRUST-certified infrastructure to address HIPAA compliance:
- Reduced scope for compliance
- Faster audit times and lower costs
- Less procedural documentation and policies
14 Performance
- Deploy quickly
- Multiple points of presence for global redundancy
- Ranked #1 in 3rd-party performance benchmarks
- Infrastructure close to application for low latency
15 Service
- 24x7x365 certified engineer support
- Fully managed security hardware and software
- Seasoned compliance experts on staff
16 The Whole Story
17 INTELLIGENT SECURITY MODEL
18 Stand Out in the Cloud: FIREHOST PERFORMANCE
Unmatched Benchmarked Performance
We put performance to the test AND WON
It's easier to win races when every component is built for speed and availability
Ranked #1 in server performance, memory speed, processor speed, and storage speed
19 FOR PARTNERS
For Complete Compliance, it's a Shared Responsibility (but we have you covered)
20 CREDENTIALS
Security and Compliance Validation: auditor and security assessment friendly infrastructure
- PCI DSS 2.0 Compliant: FireHost has been validated as a Level 1 Service Provider under PCI DSS v2.0 for our services. Our validation includes specific PCI DSS controls on which customers can rely.
- SSAE 16 SOC 1 / SOC 2: FireHost has received SOC 1 Type 2, SOC 2 Type 2, SOC 3 and ISAE 3402 reports. These reports demonstrate the viability of FireHost's control program over time.
- HIPAA/HITRUST: FireHost has been certified against the Common Security Framework (CSF) from the Health Information Trust Alliance (HITRUST) and has been certified for HIPAA compliance.
- ISO: FireHost has received a certificate of approval for our control program against the ISO/IEC 27001:2005 standard for Information Security Management Systems.
Validated by multiple third parties
21 Thank You Jim Cuddy VAR Partner Manager (US) x8160 (Cell)