The operation of an effective HIE platform does not rely on technical security alone. HIE Networks also understands the social and legal expectations required to build trusted relationships between partnering organizations.
HIE Networks maintains a policy framework that fully complies with HIPAA/HITECH security standards while providing the appropriate social and legal infrastructure to ensure quality results (see figure to the right – click for large size…)
HIE Networks adheres to the following security standards:
HIPPA Compliant
HIE Networks manages all Protected Health Information (PHI) as required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. HIE services are run as a fully compliant, HIPAA- covered entity.
VeriSign® Code Signing Certificates
VeriSign® digital signatures are part of all published HIE Networks software products to ensure an authenticated download source and genuine HIE Networks software.
https://www.verisign.com/code-signing/index.html
SSL Digital Certificates & VPN
All web transactions are completed via either via Secure Socket Layer (SSL) Digital Certificates with a minimum 128/256 bit encryption or via secure Virtual Private Network (VPN) connections.
http://en.wikipedia.org/wiki/Secure_Sockets_Layer
http://www.godaddy.com/ssl/ssl-certificates.aspx
http://help.godaddy.com/article/542
http://en.wikipedia.org/wiki/Virtual_private_network
SAS 70
HIE Networks hosts its HIE platform from an SAS 70- compliant, certified data hosting facility.
