Why CAIPHI, Why Now?

The FBI reports healthcare ranks in the top 5 industries targeted for cybercrime.

“On the black market, where the bad guys sell this stuff, the value of a medical record is easily 10 times more than a credit card account number.” – Privacy Expert Larry Ponemon, to NBC News, July 24, 2017.

The healthcare orbit of 801,000 covered entities and their over 1.5 million business associates face unprecedented threats to networks, EHR systems, and digital devices used for healthcare operations, payment, and treatment that potentially compromise patients’ data and safety.

These Threats are in Three Areas

REGULATORY

Noncompliance

OPERATIONS

Cyberattacks

DATA EXCHANGE

Unsecured ePHI

The Consequences

  • Increased Likelihood of Breach.
  • Patient Safety or Identify Compromised.
  • Significant Federal Penalties.
  • Impaired Cyber-insurability.
  • Negative Business Reputation.
  • Class Action and Individual Litigation.
  • Reduced Medicare Payments under MIPS (2019).

REGULATORY

Noncompliance

Failure to Conduct a Risk Analysis and Implement and Document a Security Management Plan, with Resultant Privacy Breach and Security Incident Threats and Vulnerabilities.

OPERATIONS

Cyberattacks

Internal: Workforce Member Vulnerabilities Due to Inappropriate or Lack of Safeguard Training.

External: Phishing/Ransomware Intrusion Threats to Vulnerable Networks and Systems.

DATA EXCHANGE

Unsecured ePHI

Access by Unauthorized or Unauthenticated Persons or Systems that Compromises Confidentiality, Availability, Integrity, or any Combination thereof.

The CAIPHI Solutions

CAIPHI links cybersecurity safeguards to provide chain of custody of ePHI across healthcare stakeholders’ EHR, IoT, and Data Exchange environments.

REGULATORY COMPLIANCE

A Comprehensive Cybersecurity and HIPAA Safeguard Compliance Tool Set that Includes a NIST-Based Risk Analysis Template, Written Policies and Procedures, and a Safeguard Training Curriculum.

EMERGENCY PREPAREDNESS

Checklists and Management Tools for Tracking, Testing, and Certification for Emergency Preparedness Protocols for 17 CMS-designated Medicare and Medicaid Providers and Suppliers for which Compliance was required by November 15, 2017.

AUDIT OF loT DEVICES

An Adaption of an Existing Software that Identifies All Networked Devices, Tracks Their Activity to Ensure Appropriate Use in Medical Diagnosis and Treatment, Alerts Management when an Inappropriate Use or Malfunction Occurs or in Anticipation of a Malfunction.

SECURE DATA EXCHANGE

An Adaption of a Sensitive Healthcare Data Exchange Mobile Software that Initially will be for Provider-to-Provider Exchange, Ensures Authorization and Authentication of the Data Recipient.

Value Added Benefits

CyPHIcomply™ and CyPHIprepare™ provide the regulatory and best practices framework for design and implementation of CyPHIsensor™ and CyPHIsecure™ software.

  • Mitigate internal and external risks to patient safety.
  • Create a trusted environment for healthcare stakeholders.
  • Minimize financial and reputational liabilities to noncompliance.
  • Enable cybersecurity insurance coverage.
  • Generate linked data leading to real-time quantifiable intelligence across continuum.
  • Reduced Medicare Payments under MIPS (2019).

The CAIPHI Continuum

The Continuum is the linkage of cybersecurity safeguards and chain of custody of a patient’s data received, created, maintained, or transmitted to ensure its confidentiality, availability, and integrity.

  • Such safeguards for patient data in exchange require that the sender authenticates the recipient as an authorized receiver of the data and that the data are not impermissibly altered or disclosed in transmission. CyPHIsecure™ is the solution that ensures confidentiality and integrity of patient data, well as its availability to authorized and authenticated users.
  • Such safeguards require that IoT devices used in diagnosis, monitoring, and treatment of medical conditions in clinical environments capture, record, and disclose true and accurate information to the healthcare practitioner. CyPHIsensor™ is the solution that ensures availability and integrity of patient data, as well as its confidentiality from access by unauthorized users.
  • Confidentiality, Availability, and Integrity of Protected Health Information is CAIPHI.
    Our focus is to ensure that our customers implement the safeguard continuum, starting with CyPHIcomply™ for complying with HIPAA Rules and the NIST Cybersecurity Framework, and CyPHIprepare™ for complying with CMS requirements – implementing industry best practices; safeguarding patient data under all circumstances; and using data drawn from CAIPHI’s safeguard tools to establish AI management procedures in the future.
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt