Book a Demo
Book a Demo

    Laptop Opening with Car 200h

    Book a Demo

      You Must Meet All 5 of These Federal Technical Safeguards

      Missing Even One When Handling ePHI is a HIPAA Violation:


      1. Transmission Security - Regulation §164.312(e)(1)
       WHAT IT MEANS - Converts information into a code, also called encryption. You want the highest number when it comes to encryption (i.e. 256, 1024, 2048-bit), because the higher the level, the stronger the security

      HOW WE DO IT - Your information is secured using 2048-bit encryption.  This is a significantly greater security level  than required to be in compliance of federal laws

      2. Authentication - Regulation §164.312(d)

      WHAT IT MEANS - You must verify people are who they say they are in any electronic communication

      HOW WE DO IT - iCoreExchange uses the federally-recognized DIRECT Protocol to verify recipient identity. Every subscriber is verified through multiple forms of identification

      3. Access Control - Regulation §164.312(a)(1)

      WHAT IT MEANS - Ensures no unauthorized access of devices by a person other than the known, authorized user

      HOW WE DO IT - iCoreExchange will automatically log users off after a certain period of time

      4. Audit Control - Regulation §164.312(b)

      WHAT IT MEANS - You must be able to produce a detailed audit trail of all user access and activity

      HOW WE DO IT - iCoreExchange automatically logs and audits all required actions and will produce an audit report within minutes of a user session for HIPAA auditors

      5. Data Integrity - Regulation §164.312(c)(1)

      WHAT IT MEANS - Data must remain unaltered in its original format and encrypted at all times

      HOW WE DO IT -iCoreExchange HIPAA-compliant servers eliminate the possibility to manipulate data

      HIPAA Administrative Requirement §164.316(b)(1):

      WHAT IT MEANS - Emails must be stored for at least 6 years from the date of creation or last use

      HOW WE DO IT - iCoreExchange HIPAA-compliant servers store everything, unaltered and encrypted, for 6 years, fully meeting the federal requirement. This administrative safeguard is inseparable from the five technical safeguards above. Failure to meet any one is a failure to be HIPAA compliant.