In order to facilitate the RxPhoto requirement we deployed a private cloud. In conjunction with this deployment we partnered with RxPhoto in order to achieve Hipaa compliance. Below is a detailed explanation of that software package.
In order to comply with HIPAA, it is required that log data is reviewed, an Intrusion detection solution is implemented and that it conducts regular vulnerability scans to help strengthen the security programs and protect PHI. The RxPhoto HIPAA Compliance suite provides broad coverage for HIPAA requirements and keeps health care applications and infrastructure secure. As a managed security and compliance solution based on a SaaS delivery model and a 24 x 7 Security Operations Center, RxPhoto keeps healthcare applications and infrastructure secure without the need for additional resources or lengthy deployment cycles that traditional security solutions require.
THE RXPHOTO HIPAA COMPLIANCE SUITE INCLUDES:
Provides 24x7 security monitoring, expert analysis, and guidance on security events and incidents. This service increases threat detection accuracy, reduces false positives, and allows scarce IT resources to stay focused on business-critical projects. Everything is managed from RxPhoto’s state-of-the-art, 24x7 Security Operations Center (SOC), staffed by security professionals with Global Information Assurance Certification (GIAC) from the SANS Institute.
RXPHOTO WEB SECURITY MANAGER
Proactive defense against web application attacks, providing immediate protection against zero-day attacks that signatures cannot detect and is backed by the 24×7 Security Operations Center that monitors all activity and ongoing WAF tuning to optimize protection, removing the biggest challenge of WAF utilization.
RXPHOTO LOG MANAGER™
Certified security and compliance experts analyze log data to identify potential compliance issues as well as suspicious activity that may indicate a security risk. Organizations can reduce the costs associated with audit preparation, as well as gain deeper visibility into the activity occurring throughout their environments, by using RxPhoto Log Manager to automate the collection, aggregation, and normalization of log data across cloud and on premises environments.
RXPHOTO THREAT MANAGER™
Detects and prevents network intrusions, identifies vulnerabilities and mis-configurations, and automates security analysis with prebuilt alerts and reports for key compliance mandates; backed by security experts who provide detailed remediation guidance as incidents are encountered.
Two Factor Authentication - HIPAA, recommends that healthcare organizations and vendors implement two-factor authentication for granting remote access to systems containing patient data.
We have incorporated 2 factor Authentication (via Duo, our trusted technology partner)– This ensures our end user’s secure access to their sensitive data, while giving you the insight you need to make sure that they’re accessing it from up-to-date and authorized devices.