From BlueCross BlueShield to Medicaid, the threat of a cyber security breach seems omnipresent and omnipotent. Earlier this month, the Washington State Health Care Authority identified a breach of the protected health information (PHI) of more than 91,000 patients. Practices are clamoring for reassurance of how an electronic patient forms’ provider prevents these breaches. Fortunately, Practice Sense (PS) focuses on five Pillars of Excellence for our practices.
#1: Advanced Encryption Standard-256
Advanced Encryption Standard (AES) was created for the primary purpose of securing classified, protected, or otherwise “secret” information for the government. AES consists of three, bit-defined ciphers, AES-128, AES-192, and AES-256. The numeric value of the cipher refers to what strength of key is needed to decrypt information within the 128-bit blocks of stored data. Additionally, AES-256 requires 14 rounds of data processing to decrypt information. AES-256 remains the most secure standard and is used for storage and retrieval of data in Practice Sense systems. In fact, PS has not experienced any data breaches at all.
#2: Ease of Access Without Sacrificing Security Protocol
PS is entirely web-based, and any professional within your practice may access online patient forms from any device via a 2-step authentication process and custom configuration login. Furthermore, five failed login attempts will result in an immediate lockout.
#3: Technical Assistance
PS offers live support from 8:00 AM to 5:00 PM PST and around-the-clock, including holidays, support through a custom ticketing system. In the sole instance of a previous problem with accessing PS-stored data, PS increased customer support and provided manual assistance to the affected practice. The entire problem was resolved within five days, but no data was lost or compromised during this single issue.
#4: Guarantee Against Breach
PS carries a comprehensive Cyber Security Liability Insurance policy to provide further reassurance against the potential threat of a breach. All practices are fully indemnified against any breach mediation cost or regulatory actions, such as the injunction of a fine, as explained by Indiana University, of $50,000 for unknowingly violating HIPAA regulations. To further maintain compliance, all entered data into the system is given the same classification as protected health information.
#5: Practice Login Accountability
PS is unable to safeguard against any potential breaches that occur due to the willful bypass our security standards. For example, a practice should disable the login credentials for previous employees upon resignation or termination, and all personnel should ensure the "https" security identification is included in the URL when accessing the PS portal.
At Practice Sense, we value the confidential nature of your patient-practice relationship, and we have created these Pillars of Excellence to protect your practice. Review a sample form or request a demo for electronic patient forms, or contact our office today at 1 (800) 619-2955 to get started protecting your PHI.