SafeLogic Blog

The Cryptographic Construction of Medicine

Written by Walt Paley | Jun 7, 2013 4:23:20 AM

Today, we published a whitepaper here at SafeLogic, discussing the role of cryptographic technology in meeting HIPAA regulations. There may not be any other use case in which more average Americans are affected every day by encryption, and it is a vital piece of the legislation.

Most of us have had an experience in which HIPAA rules were a thorn in our side. Sometimes tasks that appear simple end up being a giant pain, such as transferring health records to a new physician. After countless hours and a dozen phone calls, 'HIPAA' no longer sounds like an animal at the zoo and may as well be a four-letter word. I've been there.

Luckily, that is largely a function of manual processing that is rapidly becoming a thing of the past. Modern software providers are working hard on the problem from various angles. Assessing physician demands and the needs of the patients, adding user interface improvements and technological innovations, the doctors of the future will be able to do so much more. Real-time collaboration with specialists and colleagues, instant feedback on prescriptions and medicine interactions, leveraging monitoring devices paired with mobile platforms… this is the stuff from sci-fi movies when I was a kid!

Medical software solutions, combined with the exponential growth of diagnostic data being collected, create potentially explosive situations if the data is not encrypted to the highest level. Connected devices have access to massive amounts of sensitive and personal health information and HIPAA acknowledges that it must be encrypted. A single compromised laptop or tablet can lead to hundreds of thousands of patients’ files. Unlike enterprise data, where proprietary data represents the lifeblood of innovative companies, this is quite literally our lives. Imagine the threats that could plague us if our medical records were vulnerable – everything from embarrassment and bullying to maliciously altered medical prescriptions and targeted biological weapons.

Maintaining the integrity of our health records is crucial, and the reality is that it would be impossible without validated cryptography. The idea of unencrypted medical records, even stored locally, gives me the absolute creeps. Luckily for the American public, it is an ironclad requirement. Serious penalties are in effect for healthcare providers who are not compliant with HIPAA and fail to encrypt Protected Health Information.

Now that I have made you completely paranoid about electronic health records and how dangerous it would be to ignore encryption, read our whitepaper.  SafeLogic addresses each cryptographic requirement of HIPAA with CryptoComply. By integrating our FIPS 140-2 validated module, software vendors are able to deliver the highest level of encryption and data assurance to your doctor with every update, version, and release of their solution. Innovation will lead the way to a stronger, more efficient health care system, and waiting for FIPS validation hinders that evolution. CryptoComply brings instant compliance to the table, which means the best software, with the best encryption, can be deployed as soon as possible with full HIPAA compliance.

Stay informed about the protection of your medical records, and stay healthy out there.