Content

University of Texas Health Science Center completes data security project

The University of Texas (UT) Health Science Center at Houston completed a network upgrade to protect and encrypt personally identifiable patient and employee financial information, electronic protected health information (EPHI) and intellectual property.

In order to ensure compliance with the Title II requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), UT Health Science Center selected Vormetric's CoreGuard Information Protection System to secure sensitive and confidential personal information used in its treatment and research.

HIPAA specifically addresses the security and privacy of health data, requiring health care providers and services to maintain reasonable and appropriate administrative, physical and technical safeguards to ensure the security or integrity of electronic health information.

According to Gartner research analyst Thomas Handler, "Security and confidentiality must be guaranteed, while balancing the need for legitimate access to records. In light of HIPAA regulations and rising consumer concern over privacy and confidentiality, a computer-based patient record system must have very robust security measures and technology."

"We have always taken the protection of our sensitive information seriously, but we wanted to completely ensure the integrity of our data by implementing another layer of security on our locally-attached storage," said Kevin Granhold, director of server and desktop services.

Granhold said that the policy-based Vormetric CoreGuard Information Protection System helped to secure the organisation's electronic assets without affecting the rest of its network environment or the performance of its IT infrastructure: "It also lets us easily extend information protection throughout our environment as new requirements arise."

Using the system's context-aware access control, UT is able to define the allowed user/application access combinations, the types of permissible access, and the locations from where data can be accessed, as well as whether the data is in encrypted or cleartext form.

Vormetric's MetaClear encryption feature is used to encrypt file content without encrypting the file system metadata, so allowing UT's administrators to manage data without first having to decrypt it, which would expose data in the clear at the backup server.

www.uth.tmc.edu
www.vormetric.com

 

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.