RADAR Meets All HITECH Requirements for Mandated Data Breach Risk Assessment, Documentation and Reporting
BEAVERTON, Ore., July 21 /PRNewswire/ -- Whenever there is a security breach of any size involving protected health information (PHI), the healthcare industry is now required under the HITECH Act to complete an incident-specific risk assessment. ID Experts®, the leader in comprehensive data breach solutions that deliver the most positive outcomes, today announced RADAR—Risk Assessment Documentation and Reporting—the industry's first expert software tool to measure an incident's risk index (IRI) by combining the severity of the episode and the sensitivity of the exposed data to quantify the incident's overall harm threshold. Designed for healthcare providers, HIPAA covered entities, and their business associates, RADAR was developed to efficiently and consistently meet all of the requirements for complying with the HITECH Act data breach notification provisions for security and privacy breach incident harm threshold assessment, documentation and reporting.
Security breaches are now commonplace in healthcare; more than 55 were reported to the Department of Health and Human Services (HHS) in the first six months of 2010. In fact, healthcare is the second most breached industry, according to the Identity Theft Resource Center. And security breaches, whether digital- or paper-based, can happen at any given moment—physical theft of a laptop from an employee's car, deliberate abuse of system access, misdirected faxes and emails, malware attacks, unintentional human error, unauthorized access, a lost backup drive. Additionally, the future of healthcare dictates the use of electronic medical records, raising fresh concerns of protecting patient privacy, PHI threats and medical identity theft.
"Organizations may need guidance, especially when dealing with PHI breaches, so they cover their bases to protect individuals and follow all of the rules and laws," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "ID Experts' new tool offers consistency and efficiency for evaluating and reporting a security breach, and provides the analysis and documentation required of a mandated risk assessment."
Following any security breach, RADAR will guide the privacy or security officer to analyze the incident and exposed data to quantify the incident, determine whether the exposed information includes PHI, whether any exceptions apply, and the likelihood that the information could be misused. The results will help companies determine the potential risk of harm to the individuals affected by each data breach incident and take appropriate steps to mitigate the potential harm to those affected, while fulfilling all of the HITECH requirements enforced by the HHS, including determining if notification is required.
"Even the simple act of a stolen laptop can put a healthcare provider and its sensitive patient data at risk," said Bob Gregg, CEO of ID Experts. "An organization that conducts a security incident risk assessment using RADAR can reduce the hassle and ambiguity of what to do post-breach, especially important now, as HHS audits are becoming more frequent."
Pricing and Availability
RADAR is a web-based tool currently in beta test that will be widely available in August. For more information on RADAR and ID Experts healthcare solutions, please visit http://www.idexpertscorp.com/breach/radar. For specific information on RADAR, please send a request to [email protected].
About ID Experts
ID Experts is the leader in comprehensive data breach solutions that deliver the most positive outcomes. The company has managed hundreds of data breach incidents, protecting millions of affected individuals, for leading healthcare organizations, corporations, financial institutions, universities and government agencies. In healthcare, the company contributes to relevant legislation and rules including HITECH and is a corporate member of HIMSS. ID Experts is active with organizations that advocate for privacy for Americans including ANSI/Identity Theft Prevention, Identity Management Standards Panel and the International Association of Privacy Professionals. For more information, visit http://www.idexpertscorp.com/.
SOURCE ID Experts