About Thawte

• Contact Us
• Worldwide Sites
• Why Thawte

As more hospitals migrate their records to digital systems, cybersecurity has become a major concern for healthcare administrators. The introduction of new connections within internal systems could lead to more potential vulnerabilities that need to be accounted for in order to safeguard sensitive information. The Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act have attempted to persuade medical practitioners to find the right balance between making the most of new digital assets while adhering to data security best practices.

Collectively, HIPAA and HITECH present a carrot and stick approach to encouraging better data management practices in the healthcare space. On the one hand, HIPAA has established rigid requirements for hospitals and other medical facilities to follow regarding the protection of patient information and records. Federal officials have become quite diligent about following up on HIPAA compliance and levying harsh fines when warranted. In especially egregious instances of cybersecurity failure, offending organizations have been fined as much as $1.5 million per violation.

Meanwhile, HITECH has outlined opportunities for healthcare facilities to receive financial assistance if they can demonstrate that they are leveraging digital records to improve patient care. In order to meet the standards for HITECH's "meaningful use" requirements, medical practitioners must show that they are also doing their part to secure patient records and personal information. From a financial standpoint, it's clearly imperative that members of the healthcare community take every available opportunity to enhance their cybersecurity methods.

Comprehensive cybersecurity is a must
The Department of Health and Human Services recommends that organizations conduct risk analysis and management processes in order to identify deficiencies and begin addressing them. One area that healthcare providers should focus on is protecting data when it is shared with other medical providers operating outside of internal networks. HHS noted that extreme care needs to be exercised when information is sent from one entity to another. Data thieves can intercept transmissions with relative ease, requiring the use of encryption to prevent intruders from accessing patient health records. SSL certificates are absolutely critical in this regard, providing the security needed to stop major breaches before they happen and ensure HIPAA compliance.

SSL protects in-transit data
Capture Billing & Consulting CEO Manny Oliverez stated that if healthcare administrators want to rest easy knowing that they are fully compliant with HIPAA and HITECH, they should implement encryption at every opportunity, including utilizing SSL solutions. The likelihood of a healthcare breach has increased in recent years as more cybercriminals recognize the value of medical information on the black market. As such, hospitals and other healthcare facilities should plan for an eventual attack - if not a full-blown breach.

Because self-monitoring is such an important component to ensuring HIPAA compliance, medical administrators may need to employ more advanced types of SSL technology to gain the requisite oversight. Federal authorities may be more eager to drop the hammer on an organization that neglected to address lingering cybersecurity vulnerabilities. One of the major advantages of an extended validation SSL certificate is that users can view their security status in real time. This type of SSL makes it easy for individuals to recognize when an encrypted connection has been established - or more importantly, not.

Any time sensitive information is passed from one party to another over digital channels, a secure link needs to be made. Within a healthcare institution that handles electronic health records, such transactions will likely occur numerous times in a single day. Even a momentary slipup can give cybercriminals the opening they need to steal sensitive patient information. These incidents will not go unpunished by regulatory bodies, leading to expensive fines that can severely set back hospital operations. Encrypting transmissions will go a long way toward preventing such costly breaches.

Stay compliant with HIPAA and HITECH with SSL encryption today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950