SPHER is designed to meet specific HIPAA Privacy & Security requirements
Healthcare has Changed
The HITECH Act (Meaningful Use) has rapidly accelerated the adoption of Electronic Health Records across the entire healthcare spectrum, making patient health data readily available to those that need access to it. A core benefit of the EHR, centralization, made it so that clinicians can all view and contribute to a unique record for each patient at any time, from any location.
Initially believed to represent a massive step forward in terms of security when compared to the paper-based medical record, EHRs simply shifted the attack vectors. What was once a single paper record laid open and exposed on a desk or a nurse’s cart, is now a digital record available to any authorized user, instantly and remotely.
Percentage of breaches caused by users who have authorized access to patient data
HIPAA requires that all healthcare organizations have policies and procedures in place to monitor the daily activity that occurs on the EHR for suspicious user activity. This is done through the regular analysis of EHR audit logs. Should a suspicious event occur, the event must be documented, investigated, and resolved in a consistent manner.