Kroll Fraud Solutions division, along with Healthcare IT News has released a great report for 2011. This report outlines the top 10 data security issues for 2011. There is also another report on Healthcare IT News where a panel of healthcare experts named the top 7 trends in information privacy for 2011. So, I just wanted to discuss how Microsoft’s Business Ready Security Solutions will address these issues.
What really jumped out at me was that of the 17 total issues raised in these two reports, 9 are related to data breach notification and risk mitigation. Data breach issues are a huge issue in the healthcare industry. HIPAA covered entities are required to notify their customers in the event of a breach. This notification is public and is usually reported in various media outlets, which can cause a negative view of the health provider. So, what solutions are available from Microsoft?
First, with Windows 7 Enterprise there is BitLocker and BitLocker To Go. BitLocker is full hard disk encryption and BitLocker To Go will encrypt USB data drives. So, if that device is stolen or lost, the HIPAA covered entity may not have to report the data breach because nobody will be able to access that data. I am including a link to a great video that discusses how to use BitLocker and BitLocker to Go. [Note: customers should consult with their compliance and legal teams to ensure that use of these encryption techniques adhere to their security risk assessments and comply with their interpretations of federal and state privacy/security laws].
Another product that can help protect information is Active Directory Rights Management Services (ADRMS). ADRMS, along with File Classification Services (FCS), can scan documents for content and then based on content rules and policies, classify those files. For example, FCS can scan a shared drive for documents that have a Social Security Number. If the document contains that data, FCS can classify it as Protected. Then ADRMS can apply policies to documents like "Do not Copy" or "Do not Print". These policies also work with SharePoint Server 2010’s document libraries and content sent through Exchange 2010. So, when you open the document on your network, these policies will apply. If you try to open the document outside your network, you will receive an error and be unable to open the document. Here is a great blog post on how to use FCS and ADRMS to protect documents.
Another data security solution, that is part of our cloud services, is Exchange Hosted Encryption. This solution will encrypt your emails based on content, so the recipient will receive a secure message. The message will be scanned so that encryption will only occur if it has content that you define as secure. Plus, since this is a cloud based solution, there is no hardware or software that you need to purchase for your datacenter.
So we addressed information protection, but what about network security. Our Forefront Protection Suite can help address those issues. By using Forefront Unified Access Gateway (UAG) you can create a secure VPN application portal that your end users can access from home. Forefront Threat Management Gateway (TMG) can help secure your network edge and ensure that people are not traveling to malicious websites and downloading malware. TMG can also help prevent external intrusions and help secure your network from malicious hackers.
So, our Business Ready Security Solutions can help mitigate risk of data breaches and secure information. Over the next few months I will go into a bit more detail about how our technolgy can help address healthcare related security issues. If you have questions or comments, please post on the blog. I welcome your feedback.