Security Compliance
The Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996 to protect all forms of protected health information (PHI). It defends patients' right to have their health information kept private and preserves their control over how their PHI is used and when it is disclosed.
Technical Safeguards (164.312)
- 164.312(a)(1) - Access control
  - Implement technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to authorized persons.
- 164.312(a)(2) - Implementation specifications
  - Unique User Identification and Automatic logoff (Addressable).
- 164.312(c)(1) - Integrity
  - Implement policies and procedures to protect electronic protected health information from improper alteration or destruction.
- 164.312(e)(1) - Transmission Security
  - Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.
- 164.312(e)(2) - Transmission Security - Integrity Controls (Addressable)
  - Implement security measures to ensure that electronically transmitted electronic protected health information is not improperly modified without detection until disposed of.
Administrative Safeguards (164.308)
- 164.308(a)(5) - Security Awareness and Training
  - Implement a security awareness and training program for all members of its workforce (including management).
  - Password management (Addressable)
  - Log-in Monitoring (Addressable)
- 164.308(a)(3) - Workforce Security
  - Implement policies and procedures to ensure that all members of its workforce have appropriate access to electronic protected health information, for example through Workforce Clearance Procedures.
Physical Safeguards (164.310)
- 164.310(d)(1) - Device and media controls
  - Implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain electronic protected health information into and out of a facility, and the movement of these items within the facility.
- 164.310(d)(2) - Implementation specifications:
  - Disposal (Required)
  - Media re-use (Required)
  - Accountability (Addressable)
  - Data backup and storage (Addressable)
Insight Technology, Inc. (ITI) empowers you with a database management solution that addresses the regulatory requirements of HIPAA:
PISO
PISO provides real-time database monitoring and auditing.
PISO monitors suspicious or unauthorized access to your critical data and raises an alert immediately, with detailed information such as the full SQL text and the number of rows accessed, at minimal performance overhead.
PISO enables enterprises to leverage the security solution to strengthen internal controls.
For example, PISO helps organizations control the following:
- Segregation of duties
- Development staff running transactions in the production database
- Many users running administrator or superuser transactions in the production database
- Access by terminated employees or partners
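The controls listed above are, at the detection level, rules evaluated against each audited database statement: who ran it, against which database, what it did, and how many rows it touched. The following is an added illustration of that rule logic and is not PISO's code or any ITI API; the audit-line format (`timestamp|user|database|client_ip|rows|sql`), the user roster, the table names and the thresholds are all constructed for the example.

```python
"""
Illustrative database-activity rules for the HIPAA-relevant controls named
on this page: developers working in production, privileged statements by
non-administrators, direct modification of PHI tables (integrity, 164.312(c)(1)),
bulk reads of PHI, and access by terminated or unknown accounts.
Everything below (log format, roster, tables, thresholds) is constructed.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class AuditEvent:
    ts: str
    user: str
    db: str
    client_ip: str
    sql: str
    rows: int


# Constructed roster and environment map (in practice fed from HR / IAM data).
ROLES = {"alice": "dba", "bob": "developer", "carol": "app", "dave": "analyst"}
TERMINATED = {"eve"}
PRODUCTION_DBS = {"ehr_prod"}

# Statements that only a DBA should issue against production.
PRIVILEGED = re.compile(
    r"^\s*(GRANT|REVOKE|ALTER\s+USER|CREATE\s+USER|DROP\s+(TABLE|USER)|TRUNCATE)\b", re.I)
# Writes against the (constructed) PHI-bearing tables.
DML_ON_PHI = re.compile(r"^\s*(UPDATE|DELETE|INSERT)\b.*\b(patients|encounters)\b", re.I)
BULK_READ_THRESHOLD = 1000  # rows returned by one SELECT


def parse_line(line: str) -> AuditEvent:
    """Parse one constructed audit line: ts|user|db|ip|rows|sql."""
    ts, user, db, ip, rows, sql = line.split("|", 5)
    return AuditEvent(ts, user, db, ip, sql.strip(), int(rows))


def evaluate(ev: AuditEvent) -> list:
    """Return the names of every rule the event violates (empty list if none)."""
    findings = []
    role = ROLES.get(ev.user)
    in_prod = ev.db in PRODUCTION_DBS
    if ev.user in TERMINATED or role is None:
        findings.append("terminated-or-unknown-account")
    if role == "developer" and in_prod:
        findings.append("developer-in-production")
    if in_prod and PRIVILEGED.search(ev.sql) and role != "dba":
        findings.append("privileged-statement-by-non-dba")
    # Only the application account is expected to write PHI in production.
    if in_prod and DML_ON_PHI.search(ev.sql) and role != "app":
        findings.append("direct-phi-modification")
    if ev.rows >= BULK_READ_THRESHOLD and ev.sql.lstrip().upper().startswith("SELECT"):
        findings.append("bulk-phi-read")
    return findings


def scan(lines) -> list:
    """Evaluate every line; return (ts, user, findings) for flagged events only."""
    flagged = []
    for ev in map(parse_line, lines):
        findings = evaluate(ev)
        if findings:
            flagged.append((ev.ts, ev.user, findings))
    return flagged


# Constructed sample audit lines.
SAMPLE_AUDIT_LINES = [
    "2024-03-01T09:00:00|carol|ehr_prod|10.0.0.5|1|SELECT name FROM patients WHERE id = 42",
    "2024-03-01T09:05:00|bob|ehr_prod|10.0.0.7|0|UPDATE patients SET dob = '1970-01-01' WHERE id = 42",
    "2024-03-01T09:07:00|dave|ehr_prod|10.0.0.9|25000|SELECT * FROM patients",
    "2024-03-01T09:10:00|eve|ehr_prod|10.0.0.11|3|SELECT * FROM encounters WHERE patient_id = 7",
    "2024-03-01T09:12:00|dave|ehr_prod|10.0.0.9|0|GRANT DBA TO dave",
    "2024-03-01T09:15:00|bob|ehr_dev|10.0.0.7|0|TRUNCATE TABLE encounters",
]

if __name__ == "__main__":
    for ts, user, findings in scan(SAMPLE_AUDIT_LINES):
        print(f"{ts} {user}: {', '.join(findings)}")
```

The rules are deliberately scoped: the developer's `TRUNCATE` in `ehr_dev` is not flagged because the privileged-statement and production rules only apply to the production database, while the same user's `UPDATE` on `patients` in `ehr_prod` produces two findings. Row counts in the audit record are what make the bulk-read rule possible at all, which is why the page's mention of "the number of rows accessed" matters for a HIPAA audit trail.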
