Sendmail and PostX: Simplifying HIPAA Email Compliance. Providing healthcare organizations with secure outbound, inbound and internal email




Sendmail and PostX: Simplifying HIPAA Email Compliance
Providing healthcare organizations with secure outbound, inbound and internal email
October 5, 2005

About Your Hosts

Sendmail
- Complete email security and infrastructure for large enterprises
- Serves over half of the Fortune 100
- Deep strength in policy-driven email security
- Partnership with PostX to provide secure messaging solutions

PostX
- Only vendor that solves 3 core messaging applications
  - Compliance
  - Document Delivery
  - Customer Interaction
- No client software required
- 10 years of leadership in secure messaging
- Only secure messaging solution endorsed for HIPAA compliance

COMPANY CONFIDENTIAL

Featured Speakers
- John Ore, Director of Product Management, Sendmail, Inc.
- Shawn Eldridge, Director of Product Strategy, PostX
- Brian Lane, VP Technology, American Hospital Association

Agenda
- HIPAA overview
- AHA endorsement
- Technical requirements
- Solution architecture
- HIPAA email policies
- Case study

HIPAA Email Overview

Healthcare email: unprecedented opportunity
- Customer convenience, access to information
- Cost savings vs. postal mail, call centers
- Faster, more efficient partner communications

HIPAA mandate for secure email
- Protected Health Information (PHI): individually identifiable info
- Must be protected to ensure privacy and confidentiality when electronically stored, maintained or transmitted
- Affects providers, payors and clearinghouses engaged in the electronic maintenance or transmission of PHI

Roadblocks to adoption
- Usability
- Transparency to senders and recipients
- Automation

What is PHI?

Health information includes:
- Patient's past, present, or future physical or mental health
- Condition of the patient
- Healthcare services provided to the patient
- Payment for these services

PHI is subject to HIPAA regulations when combined with individual identifiers, for example:
- Patient's name
- Phone/fax numbers
- Email address
- Mailing address
- Social security number
- Medical record number
- Photographs
- Fingerprints

Disclosures permitted
- With patient's permission
- When required by law

Brian Lane, American Hospital Association
- AHA overview
- Why endorse technologies
- The selection process
- Why PostX

American Hospital Association (AHA)

About the AHA
- World's largest and most trusted association of hospitals and health systems
- Founded in 1898
- Over 5,700 hospitals, 38,000 physicians, and many other health care organizations
- Primary focus is on policy, advocacy, and member services

About AHA Solutions
- AHA Solutions is the endorsement arm of AHA
- Focused on providing answers and solutions for membership to aid with technology
- Maintains endorsement standards

The Selection Process
- Endorsement established to provide a standardized secure messaging solution for HIPAA compliance
- The AHA performed a thorough market assessment of secure messaging vendors, with support from Ernst & Young
- Assessment criteria included:
  - Product: HIPAA specific capabilities, R&D roadmap, scalability, integration abilities with existing technologies, ease of use
  - Company: Management team, company vision, health care focus and knowledge, financial strength and viability, partnerships
  - Implementation: Services and support capabilities, project management, supported platforms
  - Pricing: Ability to service all sized departments and/or organizations
- The AHA awarded its endorsement to PostX for their secure messaging solutions.

Key Technical Requirements

Policy Enforcement
- Scan all outbound traffic for PHI, including attachment content
- Utilize HIPAA lexicon
- Transparent to end-users

Secure Delivery
- Must provide multiple delivery options (Push and Pull)
- Support multiple encryption standards (S/MIME, OpenPGP, TLS)
- No client software for senders or recipients
- Allow customers/external users to send encrypted mail inbound

Integration with Existing Email Infrastructure
- Leverage existing systems for routing, management, etc.
- Integrate with anti-spam, anti-virus, threat prevention systems
- System-wide visibility and reporting
- Multiple deployment options: software or appliance

Solution Architecture

Email Policy Requirements

HIPAA Policy is More than Keyword Checks
- Utilize HIPAA lexicon to identify PHI
- Check for regular expressions (account numbers, social security)
- Check attachment types and content
- Query directories for user attributes
- Quarantine for supervisory review
- Notify end-users and supervisors of selected actions
- Report on policy activity
- Write to log files for audit and forensics

HIPAA: One Part of the Larger Policy Framework
- Coordination with spam and virus scanning
- Protection of confidential data
- Appropriate use policies
- Selective archiving
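
A sketch of the outbound policy check described above, as an added example (not Sendmail or PostX code): a message is treated as PHI only when a lexicon term and an individual identifier both appear, in the body or in attachment text. The lexicon, the identifier patterns, the "MRN" label, the action mapping and the sample messages are all assumptions made for illustration, and attachment text is assumed to be already extracted.

```python
import json
import re

# Assumed, tiny stand-in for a HIPAA lexicon (real lexicons are far larger).
HEALTH_LEXICON = {"diagnosis", "biopsy", "chemotherapy", "prescription"}

# Assumed identifier formats; the "MRN" labelling is hypothetical.
IDENTIFIER_PATTERNS = {
    "ssn": re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b"),
    "mrn": re.compile(r"\bMRN[:#\s]*\d{6,10}\b", re.IGNORECASE),
}

def scan_text(text):
    """Return (health terms, identifier rule names) found in one text part."""
    lowered = text.lower()
    terms = {t for t in HEALTH_LEXICON
             if re.search(r"\b" + re.escape(t) + r"\b", lowered)}
    ids = {name for name, rx in IDENTIFIER_PATTERNS.items() if rx.search(text)}
    return terms, ids

def evaluate(message):
    """Scan body plus extracted attachment text; return (action, audit_line)."""
    terms, ids = set(), set()
    for text in [message["body"]] + [t for _, t in message.get("attachments", [])]:
        found_terms, found_ids = scan_text(text)
        terms |= found_terms
        ids |= found_ids
    # PHI = health information combined with an individual identifier.
    if terms and ids:
        # Assumed mapping: SSN goes to supervisory review, the rest is encrypted.
        action = "quarantine" if "ssn" in ids else "encrypt"
    else:
        action = "deliver"
    # Audit record names the rules that fired, never the matched values.
    audit = json.dumps({"sender": message["sender"], "action": action,
                        "terms": sorted(terms), "identifiers": sorted(ids)},
                       sort_keys=True)
    return action, audit

# Constructed sample messages (not real data).
SAMPLES = {
    "keyword_only": {"sender": "a@example.org", "body": "New chemotherapy ward opens Monday."},
    "split_phi": {"sender": "b@example.org", "body": "Biopsy results attached.",
                  "attachments": [("results.txt", "Patient MRN: 00482913")]},
    "ssn_phi": {"sender": "c@example.org", "body": "Updated diagnosis for SSN 123-45-6789."},
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(name, *evaluate(msg))
```

The "split_phi" sample shows why attachment content has to be scanned together with the body: neither part alone meets the PHI condition.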

Case Study

Regional healthcare provider
- 4 hospitals
- 24 outpatient centers
- 1,100 physicians

Requirements:
- Comply with HIPAA PHI requirements
- Support for both message-level and connection-level (TLS) encryption
- Fast deployment
- Ease of use for internal and external users
- Integration with email routing infrastructure

Wrap-up
- Request more information
  - http://www.sendmail.com/hipaa
  - info@sendmail.com
- Purchase Healthcare Suite by December 30 for special pricing
  - Call 1-888-594-3150 for details
- Thank you for attending