NIST-based Protocols to Secure ePHI Exchange between Authorized and Authenticated Persons and Systems.
CyPHIsecure™ mitigates the risk of cyberattack, and performs a function that certified EHR technology is unable to perform in the absence of a unique patient identifier. By providing a secure electronic direct data entry (DDE) exchange protocol for authenticated providers, CyPHIsecure™ delivers end-to-end encryption of electronic protected health information (ePHI) at rest and in motion.
CyPHIsecure™ is Designed to Mitigate Data Transfer Intrusions:
- IT Network Pathways
- Stationary Medical Devices
- Mobile Devices for Healthcare Practitioner Information Interaction
- Instrumentation for Diagnosis, Monitoring, and Treatment of Medical Conditions
- Certified EHR Technology Security Criteria
Access by unauthorized or unauthenticated persons or systems that compromises confidentiality, availability, integrity, or any combination thereof, of ePHI.
- Increased likelihood of privacy breach or security incident
- Patient safety and ePHI at risk
- Significant federal penalties imposed
- Impaired cyber-insurability
- Negative business reputation
- Subject to class action and individual litigation
- Reduced Medicare payments under MIPS (2019)
Working with a data-processing strategic partner, NIST-based protocols to ensure authorization and authentication of recipient in exchange of ePHI. Beta testing of software in 2019 Q1 and launch in Q2
An adaptation of a healthcare data exchange mobile software that initially will be for Provider-to-Provider Exchange and ensures authorization and authentication of the data recipient. Additional applications to focus on EHR <-> EHR data exchange, Provider <-> Patient data exchange in concierge and direct medicine, clinical trial, and telemedicine.
CyPHIcomply provides the regulatory and best practices framework for design and implementation of CyPHIsensor and CyPHIsecure software:
- Mitigating internal and external risks to patient safety
- Creating a trusted environment for healthcare stakeholders
- Minimizing financial and reputational liabilities to noncompliance
- Enabling cybersecurity insurance coverage
- Generating linked data leading to quantifiable intelligence across cybersecurity continuum.