Simplify HIPAA and HITECH Compliance.

Are you ready for a HIPAA audit?

To comply with the Meaningful Use requirement of privacy and security, organizations must conduct or review security-risk analysis. This involves assessing potential risks to protected health information.

Here are nine ways Imprivata can help you implement necessary updates and correct security deficiencies.

  HIPAA Standard How Imprivata Can Help
1. Security Management Process Section
Information System Activity Review; 164.308(a)(1)
  • Streamline system activity reviews with centralized access/activity reporting and logs.
2. Workforce Security
164.308(a)(3); Authorization and/or Supervision, Termination Procedures
  • Centralize authorization—user and computer access controlled in one place.
  • Single control to lock down network and application access upon employee departure.
3. Information Access Management
164.308(a)(4); Access Authorization, Access Establishment and Modification
  • Simplify setup and modification to user access with a single point of access control, authentication and authorization.
  • Transaction-level strong authentication to support ePrescribing, chart signing or CPOE without disrupting the physician’s workflow.
4. Security Awareness and Training
164.308(a)(5)(ii)(C); Login Monitoring, 164.308(a)(5)(ii)(D); Password Management
  • Centralize login monitoring and auditing of successful and failed login attempts. 
  • Simplify password management for care providers—no more multiple complex password rules.
5. Security Incident Procedures
164.308(a)(6); Response and Reporting
  • Proactively report and alert on suspicious login events for failed attempts.
6. Workstation Security
164.310(c)
  • Lock workstation when care provider walks away preventing unauthorized access to PHI from unattended workstations.
7. Access Controls
Unique user identification; 164.312(a)(2)(i), Automatic Logoff; 164.312(a)(2)(iii)
  • Prevent credential sharing and users writing down passwords. 
  • Lock workstations when authorized user leaves.
8. Audit Controls
164.312 (b)
  • Centralize audits of all workstation and application access by users.
9. Person or Entity Authentication
164.312(d)
  • Implement strong authentication choosing from a broad range of technologies (badges, biometric, etc...).