Features
HipaaChecker Features
UNIQUE USER ID TRACKING
PHI EMERGENCY ACCESS
SESSION MANAGEMENT
ENCRYPTION AND DECRYPTION
PREVENT UNAUTHORIZED PHI ALTERATION AND DESTRUCTION
INTEGRITY CONTROLS OVER TRANSMISSION
PHI ENCRYPTION
ACCESS CONTROL
ENCRYPTION AND DECRYPTION (Addressable) - § 164.312(a)(2)(iv)
Preventing access to EPHI by persons or software programs that have not been granted access rights is essential. Healthcare software/applications must “Implement a mechanism to encrypt and decrypt electronic protected health information”. The goal of encryption is to protect EPHI from being accessed and viewed by unauthorized users.
HIPAAChecker checks whether an application implements encryption and decryption procedures approved by the National Institute of Standards and Technology (NIST) to protect PHI. We identify vulnerabilities in your implemented encryption and decryption algorithms and show you how to improve security to meet NIST standards. Several types of encryption and decryption algorithms are used to secure data. Here are some of the most commonly used algorithms that HIPAAChecker inspects:
In symmetric-key encryption, the same key is used for both encryption and decryption. Examples include:
Data Encryption Standard (DES): An old symmetric-key algorithm that uses a 56-bit key. It’s considered insecure due to its relatively small key size.
Triple DES (3DES): A variant of DES that applies the DES algorithm three times with different keys for increased security. It is also vulnerable to cyber-attacks.
Advanced Encryption Standard (AES): A widely used symmetric-key algorithm that supports key lengths of 128, 192, and 256 bits. AES is recommended by NIST and is considered highly secure.
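
The classification in the list above can be applied to application source, as in this added Python example (it is not HIPAAChecker's own code). It assumes a Java application using the standard JCA calls Cipher.getInstance, KeyGenerator.getInstance and KeyGenerator.init; the scan function, its verdict labels and the sample input are constructed for this illustration.

```python
import re

# Verdicts follow the list above: DES and Triple DES are flagged, AES is
# accepted with a 128-, 192- or 256-bit key.
WEAK = {
    "DES": "DES: 56-bit key, considered insecure",
    "DESEDE": "Triple DES: flagged as vulnerable",  # JCA name for 3DES
    "TRIPLEDES": "Triple DES: flagged as vulnerable",
}
AES_KEY_BITS = {128, 192, 256}

# Java JCA factory calls that name an algorithm or a transformation string.
ALGO_CALL = re.compile(r'\b(Cipher|KeyGenerator)\.getInstance\(\s*"([^"]+)"')
# KeyGenerator.init(int keysize), optionally followed by a SecureRandom argument.
KEYSIZE_CALL = re.compile(r'\.init\(\s*(\d+)\s*[,)]')


def scan(source):
    """Return (line_no, verdict, message) for each cipher-related call found."""
    findings = []
    keygen_algo = None  # algorithm of the most recent KeyGenerator (heuristic)
    for no, line in enumerate(source.splitlines(), 1):
        m = ALGO_CALL.search(line)
        if m:
            factory, spec = m.groups()
            algo = spec.split("/")[0].strip().upper()  # "AES/GCM/NoPadding" -> "AES"
            if factory == "KeyGenerator":
                keygen_algo = algo
            if algo in WEAK:
                findings.append((no, "FAIL", WEAK[algo]))
            elif algo == "AES":
                findings.append((no, "OK", "AES"))
            else:
                findings.append((no, "REVIEW", "unrecognised algorithm " + algo))
            continue
        k = KEYSIZE_CALL.search(line)
        if k and keygen_algo == "AES" and int(k.group(1)) not in AES_KEY_BITS:
            findings.append((no, "FAIL", "AES key size %s is not 128/192/256" % k.group(1)))
    return findings


# Constructed sample input (not taken from any real application).
SAMPLE = '''\
Cipher c1 = Cipher.getInstance("DES/CBC/PKCS5Padding");
Cipher c2 = Cipher.getInstance("DESede/CBC/PKCS5Padding");
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(64);
Cipher c3 = Cipher.getInstance("AES/GCM/NoPadding");
'''

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

The key-size check pairs each init call with the most recent KeyGenerator on the page, so it is a line-based heuristic and not a full data-flow analysis.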