FishNet CARE Platform Helps With HIPAA, HITECH Compliance
The CARE solution, designed and developed by FishNet, is aimed at closing many of the gaps in HIPAA and HITECH security and privacy requirements.FishNet Security announced the release of an enterprise software platform, Clinical Application & Resource Extension (CARE), that is designed to help health care providers provision users to clinical applications through integration with leading identity management platforms. The CARE solution, designed and developed by FishNet, is aimed at closing many of the gaps in the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) security and privacy requirements, which were highlighted in the 2012 pilot audit results reported by the U.S. Department of Health and Human Services' Office of Civil Rights. End users have the ability to change or reset their passwords, which are then automatically updated across all CARE-integrated applications. CARE also provides synchronization with human resources (HR) and payroll system databases and Active Directory environments. "FishNet Security's CARE software provides scalable, cost-effective integration with traditional identity management platforms to solve for many of the traditional business and information security challenges associated with identity and access management," Andrew Ames, vice president of business development at FishNet, said in a statement. "Organizations can gain efficiencies as a result of the need to manage fewer user IDs and passwords for clinical applications, automating the provisioning of users' accounts and access entitlements to key healthcare applications, and enabling clinicians to reset their own passwords instead of waiting for Help Desk assistance."
The platform also enhances auditing, compliance and IT controls through centralized identity management of clinical and business applications, and addresses top HIPAA compliance issues such as user activity monitoring, authentication and integrity, granting or modifying of user accounts, and verification of the identity of those requesting protected health information.