TechR2

Login

Healthcare Providers Utilize Non-HIPAA Non-NIST Compliant Vendors

Matt Burdick

June 8, 2022

About Data Security,Asset Disposal,TechR2 Blog

Healthcare Under Pressure to Improve Data Security

The pressure is on.

With the Healthcare industry under pressure to improve their data security and protect patient PHI, many medical provider groups are still not providing the adequate service of sanitizing and verifying that the hospital’s myriad of Internet of Things devices and hard drives are truly free of PII and PHI data. HealthReach Community Health Centers notified 101,395 Maine residents of a massive potential health care breach at the community healthcare organization. Improper disposal of hard drives can lead to health records breaches.

The Problem

Once the Healthcare CIO, CISO, Legal and Compliance officers discover the data security vulnerabilities that they are not meeting both HIPAA laws along with CMS Medicare and Medicaid NIST regulations, they act immediately.  ITAD: IT asset disposal is a security risk to take seriously`

No one wants to end up like Morgan Stanley, who was both fined and paid settlements of hundreds of millions of dollars for using non-compliant and non-certified ITAD vendors of the antiquated recycling industry. Morgan Stanley names ITAD vendor behind its data loss incident

Another non-compliant third-party vendor such as an ITAD recycler is found to be inadequate in performing End of Life (EoL) processes. Under a casual inspection, they lack the supply chain data security certifications and skillset to guarantee that corporate and client PII, PHI, PFI and intellectual property is removed from the data bearing devices. From missing essential NIST 800-88 requirements, to not following industry NSA mechanisms, to operating in the data security environment since 2018 without bothering to meet NIST 800-53 or ISO 27001 controls, they are obviously the weak link in your cyber defense. ITAD is Dead

The Solution

Patented Tear-A-Byte® Method is the Future of EoL Solutions (Patented Tear-A-Byte) 

Your answer to your cybersecurity control challenge is the ISO, and NIST certified TechR2’s Patented Tear-A-Byte solution. Patented Tear-A-Byte Method is the Future EoL Solution  All TechR2 products and services incorporate Zero Trust Architecture data security techniques. Zero Trust Model

Data Security is Our #1 Priority (Data Security #1)

Don’t get washed away by the tsunami.

Resting on TechR2 industry and data security foundational certifications is training and engineering innovation to conduct efficient datacenter and enterprise decommissioning and refresh. Customer surveys from OEMs and Fortune companies mark TechR2 as excellent in all areas where in national IG and GAO reports other data destruction companies are scored as failing. Data Security is Our #1 Priority

Private Enterprise and Government Entities will not Miss the Regulatory Tsunami (Regulatory Tsunami)

FISMA Federal Information Security Modernization Act | CISA,  IRS 1075 Publication 1075 (irs.gov), CJIS Security Policy CJIS Security Policy, CMS Information Systems Security and Privacy Policy CMS Information Systems Security and Privacy Policy and more all map directly to required NIST Cybersecurity Controls. TechR2 fully meets these standards while other companies do not.

Contact TechR2

TechR2’s NEW Data Destruction as a Service (DDaaS) is the future model and the archaic ITAD processes are dead. DDaaS Data Destruction as a Service – TechR2.

Contact Sepp Rajaie to learn more. Contact our experienced TechR2 staff.

 

Tags :
Share This :

Recent Posts

Categories