Hippa.mov


Uploaded by VoxMobileTechnology on 19.09.2010

Transcript:
Hi, I'm Gerald Hetrick from Vox Mobile, I'm our Chief Technology Officer,
and I want to talk to you about HIPAA and mobile devices today. So how much time have
you spent wondering or being concerned whether or not you are meeting HIPAA regulations from
your mobile device usage and how your end-users are using the mobile devices and accessing
health records? So real quick, from a quick timeline perspective, HIPAA came about in
about 1996 and really gave us some loose suggestions or protocols or writings about what we should
be doing from a mobile perspective. Didn't give us a lot of guidelines and thus there
was a lot of confusion out there. In 2008, or end of 2008 early 2009, the American Recovery
and Reinvestment Act came about and about 40 million dollars was given to the medical
community, or was focused on the medical community, to really make protocols and policies from
HIPAA, you know, applied and more direct. And definitively we learned and we were told
that, you know, medical health information in electronic form must specifically be unusable,
unreadable and indecipherable to unauthorized users. So let's take a quick look at what
that means. So very specifically, data in motion, so data that's leaving and traveling
from one place to another place on the network or outside the network. Data at rest, which
is the data that lives in databases whether it's on a device or back in SQL servers or
what-not. Data in use, so when I'm actually picking up this device and accessing someone's
record and data disposed when I don't need it anymore when I get rid of it, all that
data must be, must meet that unreadable and indecipherable perspective, meaning it must
be encrypted, it must be encrypted to acceptable manners. So how can we accomplish this? Well
one of the ways we recommend is to really leverage the Good for Enterprise, Good Technology solution.
If you look at these captions, data in use, data in motion, data disposed, really, if
you layer in the Good Technology Good for Enterprise solution, you've got devices that
have the Good client on the device, and that Good client is separately encrypted in a separate
compartment so that when the data is in use and at rest we are meeting the guideline.
Data in transit goes through a NOC just like your BlackBerry world, so it goes through
the NOC in an encrypted AES tunnel and you don't have to worry about whether anyone can
get to it. You know, data on the back end, so once it gets into the back end server,
into the back end environment, you have a server behind the firewall it talks to those
electronic health record applications and it's handed off using your internal protocols
that are already secure just like the rest of your applications. So once again, HIPAA's
a little bit clearer now, what we can and can't do from a mobile device perspective
is a little bit more defined. So we really recommended the Good for Enterprise solution
to kind of help you be compliant and make sure your devices, your non-BlackBerry devices,
are in a compliant state. If you have any more questions we're sure to have more video
blogs and blogs about the topic, so feel free to check back. Once again, my name is Gerald
Hetrick from Vox Mobile. Thanks.