HIPAA Background
The Health Insurance Portability and Accountability Act (HIPAA),
establishes standards, requirements, and penalties designed to insure
the privacy and security of patient records and data. Finalized in
February 2003, the security provisions of HIPAA include physical,
administrative, and technical safeguards to protect the integrity and
access to information. Covered health care organizations are required
to comply with HIPAA or face penalties of up to 10 years imprisonment
and a $250,000 fine.
TealLock HIPAA Compliance Features
Physicians often use handhelds to help organize their busy schedules, entering
appointments, notes, and tasks into the portable devices. Many of these entries
relate to interactions with patients, compromising their privacy if the information
is not adequately secured.
With more and more of this patient-related data finding its way onto to
physician-owned handhelds, a device-wide but flexible security solution like TealLock
is an essential investment; TealLock can play a central role in
any organization's HIPAA compliance program.
TealLock features relating to HIPAA Security Technical Safeguards (164.312) include:
Authenticated Access Control
TealLock password-protection insures that only persons with access rights can view or modify protected health information (PHI) stored on the device.
Password Strength
TealLock password controls prevent insecure passwords from being selected. Options requirements include password length, inclusion of numbers inclusion of letters and requirements for mixed case passwords.
Password Aging
TealLock password expiration can require passwords be changed at regular intervals and be required to differ from recently used ones.
Automatic Logoff
TealLock can automatically lock the handheld a specified number of minutes after a password is entered, performing an automatic logoff.
Inactive Session Termination
TealLock can automatically lock the handheld after a specified number of minutes of inactivity.
Emergency Access Procedure
TealLock Corporate/Enterprise Edition’s administrator passwords can provide authorized individuals full access rights to data stored on the handhelds in an emergency.
Data Partitioning
TealLock’s password permissions, guest password, and protected mode access can limit access to specific applications and their data to specific passwords, preventing unauthorized data access from guests who have been loaned a handheld for a specific purpose.
Encryption and Decryption
TealLock supports encryption and decryption of data stored both in memory and on external storage cards with industry-standard 128-bit protection and optional 128-bit AES encryption in TealLock Enterprise Edition.
Audit Trail
TealLock’s History Log feature provides an audit trail for tracing for all logins, logouts and attempted logins using any enabled device passwords.