Since 1996, under HIPAA compliance, medical facilities collecting, storing,
and transmitting patients’ healthcare records are obligated to maintain
confidentiality and availability of collected and recorded medical records (PHI). The PHI data is highly sought after by cyber criminals. Upon cyber breach, it is common for data to be stolen and/or access to be disrupted.
EgisData provides a set of APIs in the Encryption as a Service suite, which developers can use for encrypting and decrypting data. Such APIs would be
called prior to the data being saved into a CRM’s database.
The integration is easy, as it is done through the RESTful secure API.
EgisData also provides secure data storage, where each record is encrypted
with an individual encryption key.Additionally, access to the corresponding encryption
Key is guarded by the EgisData policy engine. Patients can securely share their records with other facilities or family members, while medical facilities can be ensured that encrypted data will not be compromised in the event of a cyber-attack.
Management of Advanced Directives
Most of us plan for unexpected events in our lives. Advance Directives are designed to
ensure a patient’s wishes of medical treatment are still carried out, should the patient
be unable to communicate them to a doctor.
EgisData enables a patient to designate several people to unlock his or her directives.
The locked directives are encrypted, unless a specific number of people from the
designated group want to unlock the record. For example: Mr. Jones wishes to
designate his attorney and 3 members of his family to be able to unlock his advanced directives.Furthermore, Mr. Jones sets the rule that only 3 out of 4 parties, including his attorney, need to be present in order to unlock the directives.
The EgisABAC policy engine has recorded the policy, which is signed by Mr. Jones.
No other policy can replace the prior one, unless Mr. Jones chooses another policy.
EgisABAC ensures the policy is not circumvented and that the encryption Key decrypts
records only when Mr. Jones’ attorney and 2 other family members attempt to unlock theAdvanced Directives. The complexity of the policy can be arbitrary, but it should
reflect reasonable unforeseeable circumstances of the other parties’ availability.
Request More Information
Fields marked with an asterisk (*) are required.