Summary
Akoura’s proprietary information security
technology secures protected health information
(PHI), consistent with published HIPAA standards.
In addition, Akoura products can ensure authorized
access to key medical systems, sensitive patient
data, and other critical healthcare information.
The information protection requirements being
placed on healthcare providers has never been
higher. Unauthorized disclosure of protected
health information can result in both civil
and criminal penalties on behalf of providers.
The goal for healthcare providers is good security
that is affordable and easy to use. Akoura
products can ensure highly protected communication,
storage,
and archival or sensitive or confidential
healthcare information. Encryption and information
protection
will evolve as minimum standards for the
healthcare industry. Akoura offers a highly secure,
affordable
information protection solution.
Market Overview
Health care organizations are confronted
daily with oceans of information which
must be shared
across organizations and at the same time
protected from unauthorized access. This
information
includes patient health records, clinical
research results,
designs for new products and treatment
regimens, etc. Akoura’s proprietary information
protection technology hides this information
from unauthorized
access while our biometric authentication technology
enables the sharing necessary for effective
operations.
Business Drivers
Competitive Advantage – New drug research,
clinical testing results, databases of patients
and providers all represent potential competitive
advantage. These advantages include getting
a product to market before your competition,
or
targeting your marketing efforts to the right
providers. These advantages are easily lost
if the associated proprietary information gets
into
the wrong hands. Success in the pharmaceuticals
industry increasingly depends on leveraging
and extending the value of patents, and protecting
related intellectual property is a critical
component
of that success.
Extended Enterprise – Most health care
functions are delivered not by a single organization
but by a network of organizations. Bringing
a new drug to market involves pharmaceutical
companies,
independent laboratories, institutions which
can provide clinical testing, and regulatory
agencies. The delivery of basic care usually
involves the patient, one or more practitioners,
a hospital or clinic, as well as the insurance
company or HMO. These networks work effectively
only when the can easily communicate and share
information. This means that patient records
and pharmaceutical research are now distributed
more widely, creating more opportunities for
loss and theft.
Consumer Privacy Expectations – Even
without the regulations now in place, consumers
are increasingly
protective of their privacy and are aware that
such privacy depends on the health care organizations
with which they deal. An unintentional release
of patient health information can have severe
legal and public relations consequences.
Ease of Access – At the same time, consumers
are demanding easy access to their health information
and the elimination of bureaucratic bottlenecks.
Whether they are refilling a prescription using
a toll-free VRU or checking the status of a
claim on the web, they expect to be able to
access
and administer their health information at
their convenience.
Regulatory Issues
The Health Insurance Portability and
Accountability Act of 1996 (HIPAA)
has transformed the
healthcare industry from a compliance
and information
security perspective. As a result of
the HIPAA regulations,
federal oversight for compliance, and
potential criminal penalties for non-authorized
disclosure
of protected health information (PHI),
the healthcare sector must address
a massive information security
requirement. The effects of federal
mandates are compounded by a dramatic increase
in patient requirements for improved
protection
of their
health information. Compliance combined
with
increased patient expectations create
a dual burden for organizations subject
to
the HIPAA
regulations (covered organizations).
To ensure the integrity and privacy
of PHI, covered organizations are
constrained with
very few practical
technology options. Two critical
requirements that technology can address are
encrypted
storage of PHI and ensuring only
authorized access to
confidential electronic mail and
attachments sent over the public Internet. Information
sharing and collaboration by covered
organizations over
the public Internet, poses significant
risk of unauthorized access to confidential
electronic
mail and attachments. To meet HIPAA
compliance
standards, covered organizations
are
required to meet a very specific
set of requirements
including
mechanisms and services that prevent
unauthorized interception or receipt
of electronic mail.
In almost all cases, the HIPAA regulations require
the encryption of electronic mail, and for clearly
defined procedures for authentication of the
designated recipient. In almost all cases, HIPAA
requires the encryption of electronic mail, and
authentication of the recipient. The Health Insurance
Portability and Accountability Act (HIPAA) of
1996 does not prohibit enterprises from using
the public Internet. The regulations were put
in place to ensure that covered organizations
assess the risks to protected health information
(PHI) associated with Internet usage. In addition
to assessment of risk, covered organizations
are also required to take clear steps reduce
or eliminate these risks.
Information sharing and collaboration by
covered organizations over the public Internet,
poses
significant risk of unauthorized access to
confidential electronic mail and attachments.
To meet HIPAA compliance standards, covered
organizations are required to meet a very
specific set of requirements including mechanisms
and
services that prevent unauthorized interception
or receipt of electronic mail. In almost
all cases, the HIPAA regulations require
the encryption
of electronic mail, and for clearly defined
procedures for authentication of the designated
recipient.
Traditional industry thinking is that there
are a substantial number of financial,
technical, and staff requirements associated
with the
deployment of PKI or other encryption-based
technologies. In historical terms, the
level of protection provided by industry leading
encryption technologies has been out of
reach
for covered organizations. Because covered
organizations are very concerned about
the criminal penalty provisions of the HIPAA
regulations, they are faced with a difficult
set of choices.
The choices include deploying expensive
encryption-based technology or putting in place
over-reaching
and burdensome policy-based protected health
information (PHI) security measures. Neither
choice serves the best interest of the
patient or the covered organization.
Benefits of Akoura Technology
Akoura is servicing the healthcare sector
with a more secure, cost-effective, and
easy to deploy alternative to traditional
encryption-based information security solutions.
Working together with Akoura, covered organization
can address head-on a cost effective solution
to protecting patient health information.
Akoura’s ease of use and deployment
will result in the highest possible adoption
rates and usage. High adoption rates for
information security represent the foundation
for a lower overall risk profile for a covered
organization.
Akoura’s data and electronic mail security
software are desktop-based applications that
provides ten [10] times the level of security
of any other commercially available encryption-based
solution. The Akoura data protection “engine” supports
3200 bit encryption (industry standard is 256
bit) with zero incremental investment in infrastructure,
resources, or personnel. In addition to a ten
[10] times improvement in security, Akoura
provides a unique hiding capability for sensitive
documents. Akoura's hiding technology ensures
no visual or digital clues are provided to
non-authorized users. The application can be
fully deployed and up and running for an individual
within a covered organization in thirty [30]
minutes or less. Akoura’s also offers
its healthcare customers "persistent-security" capability,
ensuring that the encryption stays with the
document, independent of the documents location.
Akoura's MailSecure product provides a
comprehensive solution for covered organizations
to meet the HIPAA standards for electronic
mail usage over the public Internet. Akoura
Mailsecure meets the two principal HIPAA
standards for Internet electronic mail including
prevention of unauthorized interception
and authentication of recipient. Akoura
is able to achieve full HIPAA compliance
with zero incremental investment in infrastructure,
systems, or personnel. The Mailsecure solution
requires no centralized key management,
offers a simple end-user experience, and
can be deployed within a covered organization
in less than thirty (30) minutes per user.
Akoura's data and electronic mail protection
technologies provides a comprehensive solution
for covered organizations to meet the HIPAA
standards for secure archival and storage
of PHI and for electronic mail usage over
the public Internet. Akoura’s technology
meets the two principal HIPAA standards
including prevention of unauthorized interception
of protected information and authentication
of recipient. Akoura is able to achieve
full HIPAA compliance with zero incremental
investment in infrastructure, systems, or
personnel.
Akoura’s solution set requires no centralized
key management, offers a simple end-user experience,
and can be deployed quickly and efficiently
within the covered organization.
Akoura Mailsecure solves the problem
of HIPAA compliance for use of the public Internet
for electronic mail. According to Gartner Group,
electronic mail security is the number one
issue facing enterprise Chief Security Officers.
While overall HIPAA compliance is a multi-faceted
problem that requires a portfolio of solutions,
Akoura Mailsecure can address head-on
Internet electronic mail compliance.
Financial Solutions | Intellectual
Property Solutions | OEM
Solutions
