Global DataGuard Ensures HIPAA Compliance For Electronic Protected Health Information

Enterprise UTM Products and Services Improve Compliance Posture and Reduce Cost of Ownership

Dallas, Texas, April 21, 2008 – Global DataGuard, the premier provider of Enterprise Unified Threat Management for small and medium business to large enterprise environments today announced that it is offering a full suite of enterprise-class products and services to assist healthcare organizations in successfully implementing Security Standards outlined by the Health Insurance Portability and Accountability Act (HIPAA). Utilizing a fully integrated portfolio of Enterprise UTM products and world-class managed and professional services, Global DataGuard’s HIPAA compliance solution provides for risk-based network assessment, auditing and planning for administrative, physical and technical safeguards, and includes a comprehensive behavioral-based network security architecture to help organizations efficiently and cost-effectively protect confidential healthcare data and electronic healthcare transactions.

To enable healthcare organizations to effectively implement the various provisions of HIPAA, the rule titled “Security Standards for the Protection of Electronic Protected Health Information,” commonly known as the Security Rule, is designed to ensure that Electronic Protected Health Information (EPHI) is available only to those individuals who should have access to it. The Security Rule specifies a series of administrative, physical and technical procedures for covered entities to use to protect the confidentiality of EPHI. Covered entities such as Healthcare Providers, Health Plans, and Healthcare Clearinghouses must comply with these requirements and implementation specifications in order to avoid potential sanctions and fines. Compliance with the Security Rule standards also reduces the risk of lawsuits and damage to an organization’s reputation.

“With the move toward a National Health Information Infrastructure (NHII) and greater use of electronic health records, protecting the confidentiality, integrity, and availability of EPHI is more critical than ever,” stated Dean A. Trumbull, vice president and chief operating officer for Global DataGuard. “Our actionable, predictive Enterprise UTM security suite and 24/7 Managed Services align with the administrative, physical and technical safeguards as defined by the Security Rule – enabling healthcare organizations to improve their compliance posture, reduce infrastructure costs and avoid expensive sanctions and penalties for non-compliance.”

Maintaining Compliance Makes Good Business Sense

Global DataGuard’s extensive experience in supporting organizations working toward improving their compliance posture extends to all aspects of internal and external IT security. It includes behavioral analysis and correlation, security monitoring, vulnerability management, network access management/monitoring, assessment, training, project management, policies and procedures, and regulatory compliance audits. This holistic, behavioral-based approach to security integration enables Global DataGuard to address administrative, physical and technical safeguard requirements within the Security Rule by providing:

• A risk-based methodology to help customers regularly audit IT systems, policies and procedures to ensure that they align with HIPAA requirements;
• Evaluation of, and regular reviews for administrative, physical and technical security controls, with assessments and recommendations for areas in need of improvement;
• Full lifecycle device management, including change and configuration management;
• Workforce and training policy audits and assessment;
• Annual vulnerability assessments and evaluation of an organization’s electronic security perimeter to determine HIPAA compliance;
• Ongoing rule-set changes and firewall monitoring to identify signs of attack;
• Detailed web-based reporting through the Global DataGuard Portal;
• Monitoring of network access points to detect, prevent, deter, and mitigate the introduction, exposure and propagation of malware;
• Assistance with development and implementation of an Incident Response Plan to ensure that it meets or exceeds minimum HIPAA requirements for classification, response, reporting, and documentation; and
• Regular recovery and disaster backup plan audits to identify gaps that should be addressed in order to successfully respond to an emergency or other occurrence that damages systems containing EPHI.

From auditing to technology, process and policy, Global DataGuard’s fully integrated, behavioral based Enterprise UTM++ security suite and All-n-One Security Module can help customers cost-effectively achieve and maintain ongoing regulatory compliance within their unique vertical market, whether it’s for HIPAA, PCI , SOX or NERC CIP.

About Global DataGuard, Inc.

Global DataGuard™ is the technology leader in Enterprise Unified Threat Management for small/medium business to large enterprise environments. The company has been arming Fortune 1000 companies with battle-tested, proven Enterprise UTM solutions and Security Risk Management (SRM) Managed Security Services since 2001. Today, Global DataGuard solutions are deployed on three continents in both corporate and managed services environments. For more information, call (972) 980-1444 or visit our web site at www.globaldataguard.com.

# # #

Global DataGuard, All-n-One Security Module, Enterprise UTM++ and Security Risk Management Managed Security Services are trademarks of Global DataGuard, Inc. Other company, product or service names mentioned herein may be trademarks or service marks of their respective companies.