Identity Finder Helps You Comply with HIPAA and HITECH
Hospitals and healthcare professionals must protect patient privacy and comply with state and federal regulations while maintaining high
levels of patient care. Identity Finder DLP is the leading sensitive data discovery and protection software that helps you comply with HIPAA
and HITECH quickly, accurately, and affordably.
Identity Finder helps Heathcare providers and other Covered Entities comply with Health Insurance Portability and Accountability Act (HIPAA).
HIPAA mandates the adoption of health insurance codes, and the Privacy and Security Rules. Identity Finder helps automate the historically
laborious data discovery and remediation work required. The Privacy Rule requires Covered Entities to safeguard Protected Health
Information (PHI), whether in paper or electronic format. The Security Rule complements the Privacy Rule, and creates special
administrative, physical, and technical obligations with respect to electronic PHI (ePHI). HIPAA also requires Covered Entities to
monitor the PHI protection practices of Business Associates. Identity Finder's data discovery and data loss prevention capabilities are
a critical component to your HIPAA controls and compliance.
The Health Information Technology for Economic and Clinical Health (HITECH) Act creates new incentives, liability, and penalties
that encourage adoption of ePHI systems. It also creates breach notification duties for healthcare information breaches. Identity
Finder will facilitate PHI controls and help you comply with HITECH.
PHI includes any information about health status, provision of health care, or payment that can be linked to a specific individual.
PHI is interpreted broadly and includes data like: Names, addresses, dates, phone numbers, email addresses, social security numbers,
medical record numbers, account numbers, drug enforcement agency numbers, and other data. Identity Finder helps
find these pieces of information on their own or
when combined in the same location.
PHI leakage occurs in even the most secure environments. Authorized employees regularly export information outside secure software
just to do their jobs. Once the information is outside a software application, it quickly makes its way to desktops, email servers,
file servers, and USB drives. To prevent leakage, Identity Finder searches and cleans all of the sensitive data on
desktops,
email servers, file servers,
databases,
websites, and
network devices. Identity Finder not only searches, but also provides
remediation capabilities to ensure compliance inside files,
data copied to USB drives, and emails including attachments containing PHI.
How You Will Comply with HIPAA and HITECH
Identity Finder enforces compliance with HIPAA and HITECH in the following ways:
- Discovers and inventories PHI in any file type on local drives and network devices over the entire healthcare network;
- Enables privacy and compliance officers to shred/destroy, redact, encrypt, or quarantine errant PHI;
- Enables administrators to identify specific devices and employees who store PHI, and enforce institutional PHI policies from a centralized console;
- Enables security officers and auditors to conduct security and compliance assessments showing a gap analysis between what is in and out of compliance;
- Reduces your HIPAA/HITECH footprint by removing PHI from systems and employees that do not need it;
- Institution-wide reports that will decrease HIPAA audit and compliance costs;
- Encourages and empowers employees to engage in PHI best practices by empowering them to manage errant PHI on their own systems and workstations;
- Creates a comprehensive PHI inventory over the entire healthcare network;
- Identity Finder's PHI inventory enables a targeted, surgical response, should a breach ever occur;
- Allows Covered Entitles to audit Business Associates' PHI practices, when installed on Business Associates' networks;
- Identity Finder has an extremely low false-positive rate, enabling you to save on wasted time and costs looking through irrelevant data;
- Provides a dashboard and reporting interface for both technical and executive level employees that displays your compliance status at any point in time.