Use Encryption To Prevent Health IT Data Breaches

The advancement of technology has enabled us to work untethered from our traditional office environments. The increase in the mobile workforce also necessitates the adoption of security solutions that protect the devices (laptops, tablets, USB stick etc.) and data that is travelling (physically), even when it is at rest. Industry surveys show that almost 86% of organizations have had laptops lost or stolen with 56% of those with data being breached. Add to this the increased vigilance required for medical and Personal Health Information (PHI) and we quickly understand the need for solutions like full disk encryption to prevent unauthorized access to data.

In the healthcare sector, we find acts like the Health Insurance Portability and Accountability Act (HIPAA) mandating the encryption of PHI at rest and in motion [See HIPAA Security Rule - "Implement a mechanism to encrypt and decrypt EPHI." Rule 164.312(e)(2)(ii), 164.312(a)(2)(iv)]. However, the adoption of such security solutions, even though mandatory, is sometimes circumvented by end users and organizations due to disk encryption solutions not being transparent enough and slowing down the host system significantly.

Innovative companies like Intel Corporation hopes to mitigate the impact of system slowdown through the use of technologies like Intel® Advanced Encryption Standards – New Instructions (AES-NI) which is hardware-accelerated encryption/decryption that may provide enough performance jump to offset the system performance degradation due to disk encryption solutions.

Access This Content To Read This White Paper In Its Entirety.