The Partner Security Program (PSP) enables health care organizations to assess the security compliance of business partners.
help health care organizations and their business partners address evolving
federal requirements for health data security and privacy, Verizon is enhancing
two of its security programs. The Verizon Security Management
Program-Healthcare (SMP-H), an online dashboard that helps organizations assess
and strengthen their security, now includes a module based on the Health
Information Trust Alliance (HITRUST) Common Security Framework (CSF), a widely
adopted set of health care industry data protection guidelines.
company's Partner Security Program (PSP) now enables health care organizations
to assess the security compliance of business partners and internal business
units against Health Insurance Portability and Accountability Act (HIPAA)
interim rules that extend data security and privacy requirements to the
business associates of health care organizations.
in August 2009, SMP-H helps organizations proactively strengthen their security
measures. Now with the inclusion of the HITRUST CSF module in Verizon SMP-H,
health care organizations can assess their security measures and practices
against 180 new additional controls, with a particular emphasis on process and
procedure validation, and policy review. HITRUST, in collaboration with health
care, business, technology and information security firms, is working to
promote the secure flow of electronic information through the U.S. health care
delivery system by standardizing security and privacy measures.
Partner Security Program, a Web-based security management platform designed to
help businesses manage security across a company's extended enterprise of
suppliers, vendors and partners, now addresses requirements of HIPAA and its
interim rules covering health care business associates. These rules
require that key health care business partners, such as accountants, billing
agencies and law firms, properly protect patient health information and create
compliance uniformity across the entire health care ecosystem.
and maintaining standards for the security and privacy of health data is a key
foundational element critical to the transformation of the U.S. health care
system," said Dr. Peter Tippett, Verizon's vice president of security and
industry solutions. "With more digitized health information being
exchanged, it is important that organizations monitor, manage and report on
compliance. Verizon is helping customers meet this critical need through the
development of new, secure online tools that foster the electronic exchange of
said with the Verizon PSP, health care organizations can reduce the
administrative burden of assessing, managing and reporting the security
compliance measures undertaken by these key business partners. "When it
comes to data security and privacy, one of the most important things health
care organizations should do is treat security compliance as an ongoing
process, not a one-time project," he explained. "As we point out in the
'Verizon 2011 Data Breach Investigations Report,' it is critical that data
security and privacy measures be implemented broadly throughout an
organization's IT systems. Our security management programs help organizations
continually monitor and manage their security programs to help prevent the
compromise of sensitive information."