Whether you call your sensitive electronic information PI, PII, PHI, PIFI or SPII, it must be protected.
If you and your company handle any of this information you must implement data protection technology to protect, track and manage your company’s most valuable asset, information. Failure to show best practice measures could result in extensive fines (even imprisonment) that could have catastrophic effects on any small to medium sized business. Even if the fines and legal fees do not put your company out of business, your company’s once prestigious reputation has been tarnished and could result in a loss of business. As you and your company navigate the best approaches and solutions to meet the numerous demands outlined by State and Federal regulatory requirements, you should consider adding file encryption to your solution set. With no extensive implementation required, the BIOWRAP® file encryption solution can immediately and cost-effectively prevent penalties for noncompliance associated with your sensitive electronic information.
To better assist you in your solution evaluation, NATION Technologies has identified the top regulatory questions pertaining to the protection of digital information.
1) Does your Information Security Program include policies and procedures for where electronic records containing sensitive data should be kept or transported off premises?
BIOWRAP files remain protected wherever they are kept and however they are transported.
2) Is access to electronic records limited to those persons who have a need to know in connection with your legitimate business purpose, or in order to comply with state or federal regulations?
Only authorized individuals are capable of accessing your sensitive electronic records.
3) Do you have secure access control measures that restrict access, on a need-to know basis, to your sensitive electronic files?
BIOWRAP allows a company to define a combination of confidentiality access rights to protect electronic information at all times. Access rights range from Personal File (only you can access), biometric access, digital certificate access, company/group only, Security Code (password protected) and free validated BIOWRAP username and password. In addition, recipients that do not meet the access requirements (or even if the Security Cost is lost) can still gain immediate access to the encrypted file. This confidential real-time request is approved or rejected by the creator of the file without ever displaying information on the file or file creator.
4) Have you instituted a procedure for regular monitoring to prevent unauthorized access to or unauthorized use of electronic information?
The BIOWRAP solution includes automated monitoring. -Create customized forensic auditing reports to detail all activity associated with your sensitive electronic records. -Instant email notifications for all access activity, including notification of successful access (set per file). -Instant email notifications for all unsuccessful access attempts.
5) Do you have in place a procedure for documenting any actions taken in connection with any breach of security? Does that procedure require post-incident review of events and actions taken to improve security?
Lost or stolen BIOWRAP encrypted files are always protected. All activity associated with the encrypted file is tracked and logged in a detailed forensic auditing report. The BIOWRAP solution eliminates the need for extensive forensic investigations. Real-time notifications alert you to any and all attempted data breaches. With BIOWRAP, early detection is now instant detection. To mitigate any further unauthorized attempts or breaches to your sensitive information, the BIOWRAP solution provides you with retention management functionality to easily ‘kill’ all access to compromised data wherever it may be. All activity is tracked and logged.
6) Do you have monitoring in place to alert you to the occurrence of unauthorized use of or access to sensitive electronic information?
Only those that you approve can access your encrypted files. If an unauthorized attempt to access the encrypted file occurs you will notified in real-time to mitigate any instances of misuse.
7) Do you encrypt all sensitive electronic files that are transmitted across public networks, and that are to be transmitted wirelessly?
Creating a BIOWRAP encrypted file is easy, simply select the file and encrypt. Your files are protected at all times.
8) Does the Information Security Program provide for immediately blocking terminated employees' physical and electronic access to PI records (including deactivating their passwords and user names)?
The BIOWRAP account administrator can easily deprovision or remove terminated employees from creating and accessing BIOWRAP encrypted files. The terminated employee will no longer be able to access company BIOWRAP encrypted files, even if the file(s) resides on the terminated employees personal PC or even thumb drive.
For more information about how to protect your sensitive electronic information, contact NATION Technologies to schedule your BIOWRAP® demonstration.