You Must Meet All 5 of These Federal Technical Safeguards

#1

Transmission Security

§164.312(e)(1)

#2

Authentication

§164.312(d)

#3

Access

Control

§164.312(a)(1)

#4

Audit

Control

§164.312(b)

#5

Data

Integrity

§164.312(c)(1)

Missing Even One When Handling ePHI is a HIPAA Violation:
1. Transmission Security - Regulation §164.312(e)(1)
 

WHAT IT MEANS - Converts information into a code, also called encryption. You want the highest number when it comes to encryption (i.e. 256, 1024, 2048-bit), because the higher the level, the stronger the security

HOW WE DO IT - Your information is secured using 2048-bit encryption.  This is a significantly greater security level  than required to be in compliance of federal laws

2. Authentication - Regulation §164.312(d)

WHAT IT MEANS - You must verify people are who they say they are in any electronic communication

HOW WE DO IT - iCoreExchange uses the federally-recognized DIRECT Protocol to verify recipient identity. Every subscriber is verified through multiple forms of identification

 
3. Access Control - Regulation §164.312(a)(1)

WHAT IT MEANS - Ensures no unauthorized access of devices by a person other than the known, authorized user

HOW WE DO IT - iCoreExchange will automatically log users off after a certain period of time

 
4. Audit Control - Regulation §164.312(b)

WHAT IT MEANS - You must be able to produce a detailed audit trail of all user access and activity

HOW WE DO IT - iCoreExchange automatically logs and audits all required actions and will produce an audit report within minutes of a user session for HIPAA auditors

 
5. Data Integrity - Regulation §164.312(c)(1)

WHAT IT MEANS - Data must remain unaltered in its original format and encrypted at all times

HOW WE DO IT - iCoreExchange HIPAA-compliant servers eliminate the possibility to manipulate data

 
HIPAA Administrative Requirement §164.316(b)(1):

WHAT IT MEANS - Emails must be stored for at least 6 years from the date of creation or last use

HOW WE DO IT - iCoreExchange HIPAA-compliant servers store everything, unaltered and encrypted, for 6 years, fully meeting the federal requirement.  This administrative safeguard is inseparable from the five technical safeguards above. Failure to meet any one is a failure to be HIPAA compliant.

 

© 2019 iCoreConnect Inc. All rights reserved.

Terms of Use.
End User License Agreement

888.810.7706