Better information security for electronic medical records and other at risk health related information is a hot topic for primary care and health centers. Over 4000 attendees are anticipated to delve into these questions at the November Financial, Operations Management / Information Technology (FOM/IT) Conference & EXPO in Las Vegas, NV, where John “Jay” Trinckes, Jr. CISSP, CISM, CRISC and Vice President of Information Security, OSIS will champion his mission for healthcare security.
“Doctors have to worry about the care of their patients, but part of this care is to secure their patients’ information,” advocates Trinckes,"The public is worried about Google having too much information…if they only knew what their doctor has… this information is often times unprotected.”
“Compliance is much cheaper than paying the consequences!” Jay emphasizes, urging healthcare related businesses and professionals to make security a top priority. As of September 2013, all covered entities, business associates, and subcontractors of business associates are required to be compliant with the sweeping privacy regulation changes. Among the changes, is an increased ability for the Office for Civil Rights (OCR) to enforce compliance, along with steep penalties for non-compliance.
As Jay carries his message across the country, he also has the opportunity to share cutting edge technologies that support healthcare entities in securing health related information against cyber attack. In Seattle’s NWRPCA/CHAMPS Fall Primary Care Conference in October, Trinckes highlighted a breakthrough encryption technology, developed by MerlinCryption.
Anti-Statistical Block Encryption (ASBE) overcomes inherent risks in current encryption and is not subject to attack by cryptanalysis. The algorithm utilizes variable key lengths, which scale in size from 2008 bits to 2 gigabytes. The encryption solution does not require key transfer between end-points and eliminates expensive, cumbersome PKI.
Attendees received a sneak preview of ASBE-encrypted CryptoMedFile USBs, which were distributed during the conference and will release to market in January 2014. In addition to encrypting data from breach, CryptoMedFile USBs support healthcare service providers with critical features developed specifically for the medical industry. Relevant capabilities include a self-auditing capacity and an admin-only secure zone. The admin has the authority to access, encrypt, and decrypt user data.
Jay will present Avoid Penalties: Ensuring Compliance with the September 2013 HIPAA Privacy and Security Omnibus Rule, with Feldesman Tucker Leifer Fidell LLP on Wednesday, November 13, at Ceasars Palace. Future engagements include PMI’s National Conferences for Medical Professionals May 2014 in Chicago, IL.
About Jay Trinckes
Author of “The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules”, and “The Executive MBA in Information Security”, healthcare privacy advocate John “Jay” Trinckes, Jr. is the go-to expert for shaking-out complacency and risky habits surrounding medical information security. His wealth of knowledge in information security and hands-on experience in risk assessment performance, vulnerability/penetration testing, information security management program development, and as a former law enforcement officer drives his success in identifying cutting edge security technology to better safeguard healthcare providers and their users against theft and fraud.
Mr. Trinckes holds a Bachelor’s Degree in Business Administration/MIS along with several certifications such as CISSP, CISM, CRISC, and NSA‐IAM/IEM and is Vice President of Information Security at Ohio Shared Information Services (OSIS), a 501©3 non‐profit organization. OSIS assists healthcare providers and business associates with IT and security related services, along with full adoption of NextGen’s suite of financial/clinical solutions to improve the quality of care delivered to the community.
About MerlinCryption, LLC
The Smart-World's Smart-Encryption® developer in Austin TX, MerlinCryption LLC (merlincryption.com) sells leading edge encryption platforms, authentication software, and next-generation encrypted USBs, which secure sensitive data, voice transmissions, and streaming video, against cyber theft, counterfeiting, cloning, software compromise, physical machine compromise, and man-in-the-middle attack.
A valued partner for equipment manufacturers, integrators, providers, and end-users, MerlinCryption closes vulnerability gaps at the core of the value chain, deploying cyber solutions for military/government, healthcare, smart-grid, financial, BYOD, and enterprise.
Forward-looking technology protect the integrity of data-at-rest, data-in-motion, data-in-use, and data-in-change as it is created, viewed, edited, shared, stored, and moved across communications channels and through the Cloud.