Is your EHR Secure?

October 25, 2019

security

If you are like the many organizations that believe “data” is your most important asset, then you would agree that securing your most important asset is critical. The chances are you know of someone or some organization who has been recently impacted by a computer security incident in the last year. According to Statistica (1),the number of data breaches in the United States amounted to 1,244 with over 446.5 million records exposed. How do you ensure your vendor has taken all the right steps to protect your data?

Core’s Cx360 is built with security in mind. Starting with security checkpoints within the software development lifecycle, Core has built a comprehensive set of security controls based on NIST standards. These controls cover physical infrastructure, software development, deployments, incident management and more. We are excited to share some key differentiators that Cx360 offers to provide a secure platform to safeguard your data.

aws

Core has partnered with Amazon Web Services, the world’s largest hosting provider, to offer a scalable and reliable hosting platform for Cx360. In addition, Core leverges AWS’s advanced capabilities like Virtual Private Cloud (VPC), Web Application Firewall (WAF), Relational Database Services (RDS), Multi Zone Load Balancing and other capabilities to offer a secure and high availability solution that can support your disaster recovery goals.

 

research

Security is an ongoing responsibility that requires 24x7x365 attention. Core’s investment in this area is unparalleled and includes a suite of products and services to ensure a secure environment with proactive monitoring. Our proactive monitoring starts with a robust patch management solution that identifies required operating system and other critical software updates and is supported by a process to ensure updates are completed within acceptable parameters. Going beyond robust patch management, Core uses industry leading solutions for Intrusion Detection and identifying other potential issues. Various alerts and weekly reviews ensures we stay proactive in addressing potential issues identified through our tools. Another important piece of our ongoing monitoring is consolidated log management to ensure application level issues and risks are available to appropriate stakeholders on an ongoing basis.

 

permission
Cx360 has several built in features that improves the overall security posture of our clients. Starting with granular security permissions for forms, reports and advanced features, Cx360 allows organizations to configure record level permissions to further client data. For example, record access can be restricted based on caseload, program or staff assignments

One of the other key differentiators in Cx360 is Auditing. Most EHR vendors restrict access to audit data to a limited time period or place limitations in being able to query the data. The Cx360 audit utility maintains data through the entire history of the client/system and allows users to drill down to the field level to see changes made and who made them.

 

Core and Cx360 have several other examples that demonstrate our commitment to security. Schedule your Cx360 demonstration today or talk to one of our experts to learn more about our security challenge.