RSA SecurID® two-factor authentication software helps to ensure privacy and security and achieve HIPAA compliance
BEDFORD, Mass.— RSA Security Inc. (Nasdaq: RSAS), the most trusted name in e-security®, today announced that the University of Pittsburgh Medical Center Health System (UPMC) has deployed RSA SecurID® two-factor authentication in conjunction with the UPMC virtual private network (VPN). RSA SecurID software provides more than 1,300 doctors and medical specialists at UPMC with two-factor user authentication to help ensure secure, remote access to vital medical records. Through the use of RSA SecurID software, the center helps increase the productivity of staff and physicians by enabling the flexibility and convenience of viewing X-rays, test results and patient records over a high-speed Internet connection, while preserving the privacy and integrity of patients’ personal medical files.
Before deploying the VPN, UPMC depended on dial-up access to the network, which was limited by slow modem speeds. Using the VPN, doctors and other medical personnel gain the freedom of using high-speed Internet connections for viewing large data files such as X-rays, radiology reports and other electronic records that are virtually impossible to view over a dial-up connection. The VPN, used in conjunction with RSA SecurID two-factor user authentication, enables hospitals and clinics to work in real-time with radiologists and other specialists that may be working from any of the organization’s 19 hospitals in Western Pennsylvania.
Given the sensitivity of the data being exchanged over the Internet, UPMC needed a system that could provide a high assurance regarding the identities of medical personnel, to avoid any unauthorized disclosures. This is in keeping with the requirements of the Privacy and Security Standards under the Health Insurance Portability and Accountability Act (HIPAA) - United States federal regulations for the protection of patient privacy and the security of health information.
“When we deployed the VPN, we were searching for a faster, more flexible way to remotely access our networks without compromising the security of our medical records,” said John Kramer, information security manager for UPMC. “We knew that passwords were not secure enough to protect something as confidential and sensitive as healthcare information. After reviewing a wide variety of strong authentication solutions, only RSA SecurID software provided our doctors with the mobility and freedom to securely authenticate to the network from virtually anywhere with an Internet connection.”
Originally published as a proposed rule in 1998, the HIPAA Security Standard was published as a final rule in the Federal Register on February 20, 2003. The compliance deadline is April 21, 2005. However, the final Security Rule will have an impact on healthcare organization’s (HCO) efforts to comply with the Privacy Rule, which mandates security safeguards; this has a compliance deadline of April 14, 2003.
“This two-factor authentication deployment at UPMC demonstrates how RSA SecurID software can help healthcare organizations improve access to information, increase efficiencies, and ultimately be more competitive,” said John Worrall, vice president of worldwide marketing at RSA Security. “Protecting patients’ privacy and the security of health information is not only a regulatory requirement but allows UPMC to expand its use of the Internet with confidence.”
About University of Pittsburgh Medical Center
The University of Pittsburgh Medical Center is the leading integrated health care delivery system in western Pennsylvania and one of the largest not-for-profit integrated health care systems in the United States. UPMC enjoys a strong national and international clinical and research reputation, drawing patients from throughout the United States and more than 30 countries across the globe. UPMC has been ranked among the "best of the best" in U.S. News & World Report's hospital ranking for the past four years and is among the top recipients of National Institutes of Health research funding.
About RSA Security Inc.
With thousands of customers around the globe, RSA Security provides interoperable solutions for establishing online identities, access rights and privileges for people, applications and devices. Built to work seamlessly and transparently in complex environments, the Company’s comprehensive portfolio of identity and access management solutions - including authentication, Web access management and developer solutions - is designed to allow customers to confidently exploit new technologies for competitive advantage. RSA Security’s strong reputation is built on its history of ingenuity and leadership, proven technologies and long-standing relationships with more than 1,000 technology partners.
