The HIPAA Privacy Rule (Health Insurance Portability and Accountability Act) applies to protected health information in all forms, including electronic, and addresses the use and disclosure of an individual's health information. It mandates that electronically stored or transmitted personal health information be kept confidential and protected against any threats to its security or integrity.
Organizations are required to have a contingency plan to continue operations in the event of data loss. This contingency plan MUST include details concerning the data backup and recovery process, who handles the backup media, the media rotation process, where the media is stored off-site, how quickly it can be retrieved in the event of a disaster, and all other aspects associated with data backups, protection, security, storage, and recovery.
KineticD supports HIPAA compliance through automated, continuous off-site data protection with on-demand recovery, while ensuring strict data security and confidentiality. KineticD eliminates the damaging impact of data loss.
Data Protection Options
Traditional external data protection options seldom represent adequate data protection solutions for HIPAA compliance. External backup storage media (Zip drives, CDs, DVDs, Tapes, Flash drives, external hard drives, etc.) can be easily stolen, support limited data sizes, often utilize no or minimal encryption security and must be transported to/from off-site storage facilities.
Challenges with these options include:
• High costs. Initial investment starts at $2,000 for tape drives, which will wear out and must be replaced. Tape storage media is an additional cost.
• Limited shelf life. Due to tape costs and media rotation hassles, it is common to resort to taping over and over on the same tape, only to discover that the tape has worn out, rendering the backups unusable. Limited shelf life is also a concern with external disk media.
• Inconvenient. Off-site storage is required, and therefore time consuming and ineffective in emergency situations.
• Limited storage space. Tape storage space is limited and not conducive to automated, unattended backups. CDs and DVDs have even less storage capacity, making automated and unattended backups impractical
Online Backup Services Online backup (remote backup) services represent a fully-automated, secure, unlimited off-site storage facility for quality data backup operations.
• Fully automated data backups at secure off-site facilities.
• No hardware to buy or manage.
• No media to buy, rotate, catalog or store offsite.
• All data is encrypted for security.
• Data can be easily restored on-demand 24x7.
• Service costs can be low compared to external media.
KINETICD FOR HIPAA COMPLIANCE
HIPAA compliant information systems require a combination of administrative procedures, physical safeguards and technical measures to protect patient information during storage and transmission across communication networks. As a significant part of your overall contingency plan, KineticD provides secure, automated data transmission and storage services for data backup and recovery.
KineticD implements the following HIPAA compliant features:
• Continuously Monitored Backup — the proactive backup service contiuously monitors files, extracts changed data, then encrypts and compresses the changes before sending them to remote secure servers.
• Ultimate data security via 448-bit encryption — data is ALWAYS compressed and encrypted locally (on your computer) before being sent over the internet. This ensures all data stored at the data centre remains secure and confidential.
• Authentication traffic between your PC and the data centre is also encrypted.
• At no time will usernames, passwords or data be sent out over the internet in unencrypted form.
• Restores via the web interface are protected using SSL encryption.
• Restricted password access — a secret encryption key (your password) must be specified for ultimate security, even KineticD can't get access your data.
• Your data is kept in a state-of-the-art data centre alongside the systems of several major banks. This highly secure physical infrastructure includes the latest in biometric authentication, video surveillance and round-the-clock security officers.
• All data stored at the data centre and any communication with the data centre is two-way encrypted.
• On-demand, exact copy data retrieval — 24x7x365.
Additionally:
• No cost or hassles with external devices, media, or offsite storage.
• The lowest subscription rates in the industry.
HIPAA privacy rules provide KineticD and its affiliates with "business associate" rights to limited use and disclosure of the information. KineticD never discloses data unless required by law. KineticD does not access any portion of the backup data unless authorized for customer support purposes. KineticD can be fully prevented from data access by use of the client-side secret encryption key.
Please visit the Office for Civil Rights — HIPAA website for more information about the national standards to protect the privacy of personal health information.