HIPAA / HITECH COMPLIANCE
Auto-Lock unattended workstations.
No more worrying about unlocked workstations. Token-based proximity authentication means auto-enforcement of password and access security policies. HIPAA Security Rule compliance made easy.
Ensure only permissible users access information. GateKeeper helps healthcare clinics effectively protect PHI without effort.
"The latest versions of their tools are very impressive. I use their Halberd on my desktop just so I don’t have to always enter my long password. It is important to note that these tools still have 2 factors that are used to log into accounts. You must have the device and a password. I still see folks in hospitals grumble and enter a password from time to time."
Help Me With HIPAA
GateKeeper Enterprise HIPAA Compliance Summary
Security mechanism that increases security and decreases complexity of access. The U.S. Health Insurance Portability and Accountability Act requires safeguards against unauthorized users and information breach. Non-compliance by employees pose the greatest security risks. See how GateKeeper helps you adhere to HIPAA compliance by taking the burden off both users and admins.
|Section||Key Activity||Performance Criteria||GateKeeper Solution|
|164.306(b)||Flexibility of Approach||(1) Covered entities and business associates may use any security measures that allow the covered entity or business associate to reasonably and appropriately implement the standards and implementation specifications as specified in this subpart.|
(2) In deciding which security measures to use, a covered entity or business associate must take into account the following factors:
(i) The size, complexity, and capabilities of the covered entity or business associate.
(ii) The covered entity's or the business associate's technical infrastructure, hardware, and software security capabilities.
(iii) The costs of security measures.
(iv) The probability and criticality of potential risks to electronic protected health information.
|GateKeeper increases the security and decreases the access complexity of the covered entity by providing an automatic mechanism for the locking of a workstation when a user is no longer in proximity. A user does not have to manually lock their workstation when they are no longer present. This security mechanism decreases the potential risks to ePHI.|
|164.308(a)(5)(ii)(C)||Security Awareness, Training, and Tools -- Log-in Monitoring||Procedures for monitoring log-in attempts and reporting discrepancies.||GateKeeper Enterprise provides auditing and monitoring of all login events.|
|164.310(c)||Workstation Security||Implement physical safeguards for all workstations that access electronic protected health information, to restrict access to authorized users.||GateKeeper provides a mechanism to automatically prevent unauthorized access to unattended computers.|
|164.312(a)(2)(i)||Access Control -- Unique User Identification||Assign a unique name and/or number for identifying and tracking user identity.||Each GateKeeper token (key) address is associated with a user identity. Users can be identified and tracked by the hardware/software token identifier.|
|164.312(a)(2)(iii)||Access Control -- Automatic Logoff||Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.||Combined with an organization’s group policy for automatic logoff, GateKeeper provides an additional layer of access control by automatically locking a workstation when a user is no longer in proximity. Unlike timeout policies, GateKeeper reacts instantly to a user leaving their terminal.|
|164.312(b)||Audit Controls||Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.||GateKeeper audits user login activity within the enterprise platform at all times.|
|164.312(d)||Person or Entity Authentication||Implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed.||GateKeeper's secure identity and access management solution uses a hardware or software token associated with an active directory account to create a strong multi-factor authentication system.|
"This program is the only thing that we had found to help us to be compliant with HIPAA standards without making us enter our passwords every time we entered a room. The amount of time and hassle this program has saved has been tremendous. We researched for quite some time and looked at many different options and this is the best, least expensive and most convenient of anything we found. I would whole heartedly recommend Gatekeeper for any medical and/or dental setting."
Mindy Riley, Office Manager
Southern Boulevard Dental Center
See GateKeeper proximity access control in action.
Take a self-guided tour of how your proximity-based access control can work.
GateKeeper Enterprise 45-Day Trial
Shift tactics to something that works. All your passwords in one place and only accessible by you. Trial allows you to experience fully automated access and security before full deployment. Try instant multi-factor authentication and worry-free workflow with proximity-based privileged access management.