
Encrypting health records
Patented next generation health data encryption, masking & key management
HIPAA Security Rule and HITECH compliance requires implementation of a mechanism to protect all electronic protected health information (ePHI). The HITECH Act requires the disclosure of data breaches of “unprotected” (unencrypted) personal health records (PHR), including those by business associates, vendors and related entities. More details about HIPAA are here.
To determine when information is “unsecured” and notification is required by the HHS and FTC rules, HHS is issuing an update to its guidance. This update to regulations specifies encryption and destruction as the technologies and methodologies that render protected health information unusable, unreadable, or indecipherable to unauthorized individuals.
Entities subject to the HHS and FTC regulations that secure health information as specified by the guidance through encryption or destruction are relieved from having to notify in the event of a breach of such information.
Best Practice Guidelines recommended by security experts for data at rest, transmission & sharing:
Encryption – Data that is encrypted is “Out of scope of the Law”. De-identification, access controls, key management, policy based, auditing and monitoring. Whilst there are many frameworks such as PCI DSS or ISO27001 or others many like the PCI DSS due to its prescriptive guidance.
Overall goals for organizations when implementing solution:
- Protect all 18 categories of ePHI data.
- Install solutions in a way that does not change business processes or require user re-training.
- Reduce initial and recurring compliance costs.
- Reduce operational costs.
- Ensure potential for security depth scaling as compliance requirements change
Read on and learn how Randtronics DPM address encryption-related business challenges.
- Name
- Address, City, County, ZIP Code
- Elements of dates
- Telephone numbers
- Fax numbers
- Email addresses
- SSN
- Medical record numbers
- Health plan beneficiary numbers
- Account numbers
- Certificate/license numbers
- Vehicle identifiers
- Device identifiers
- URLs
- IP Address
- Biometric identifiers
- Full face images
- Any other unique identifying data
Further reading:
Latest news and articles

Transforming Data Security: Three Breakthrough Developments Reshaping Protection Standards
The Evolving Frontier of Digital Protection The digital security landscape is changing at breathtaking speed. Each day, cyber threats grow more sophisticated, while data breaches

Why Traditional Defenses Are No Longer Enough to Protect Your Data
Data breaches are no longer a question of “if,” but “when.” As cyberattacks grow more sophisticated, organizations relying on traditional perimeter defenses find themselves vulnerable

Data Breaches Start with Unencrypted Data: Here’s How to Stop Them
As organizations grow more reliant on data-driven operations, protecting sensitive information must become a top priority. Unfortunately, many companies still store data without encryption, creating
Our Customers







