Healthcare Information Technology
Become EPCS Certified
Certify your EHR or ePrescribing Application as Electronic Prescriptions for Controlled Substances. Learn more »
Determine If Your Healthcare Security Product Is Ready for HHS Breach Safe Harbor Certification
Use our free SecureEHR Online Product Profile to assess whether your Healthcare product qualifies for HHS Safe Harbor from Breach Reporting. Learn More »
Understand InfoGard's EHR Certification Process
Use InfoGard's ONC-ATCB Process for decrypting technical language and guiding you through the procedures for becoming EHR certified.
Learn More »
Healthcare Information Technology
InfoGard, applying 18 years of Cryptographic Knowledge, leads all other organizations by being the first and only organization to offer certifications for both HIT Security and Privacy.
DEA’s rigorous EPCS requirements will heavily influence all HIT security in the future. InfoGard is the first DEA EPCS Certifier and as Federal Security Lab for sixteen years both positioned and extremely qualified to provide technical leadership for all HIT security and privacy. DEA’s interim final ruling defining EPCS requirements referenced many NIST security and privacy specifications, an area the company has been engaged in for sixteen years. Furthermore, to achieve the security and privacy requirements for EPCS, the DEA has employed cryptography and heavily referenced the cryptographic module requirements, e.g., in the March 31, 2010 EPCS Interim Final Rule, published in the Federal Register, FIPS 140-2 is cited twenty nine times.
In the area of privacy, InfoGard has introduced a certification for both Healthcare Products and healthcare organizations that use products to determine qualification for the HHS Safe Harbor from Breach Reporting. Healthcare organizations that qualify are provided a HHS Safe Harbor from the requirement of reporting violations. This immunes the organization from joining the over 300 organizations who have joined the wall of shame available online on HHS’ website. Similar to the DEA’s security requirements, the HHS Safe Harbor requirements reference FIPS 140-2 and other NIST requirements. See http://edocket.access.gpo.gov/2009/pdf/E9-20169.pdf page 42742 on the right bottom column.
In addition to InfoGard’s Cryptographic Knowledge, the company also has an unrivaled history with network protection. Our expertise in penetrating testing allowed us to take the lead role in the creation of the ANSI X9.111 Penetration Testing Standard by proposing and authoring it as part of our work within the American National Standards Institute (ANSI) ASC X9F4 working group. In addition, InfoGard performs the validation testing of Approved Scan Vendors (ASV) on behalf of the Payment Card Industry (PCI).
The company applies this expertise to HIT by offering:
InfoGard provides these healthcare IT offerings:
- EHR Testing and Certification
- EHR Certified Products List
- ONC-ATCB Certification
- Hospital EHR Certification
-
Hospital Meaningful Use Incentive Payment
Security Risk Analysis - Electronic Prescriptions for Controlled Substances (EPCS)
- HIPAA Security and Privacy Assessments
- SecureEHR
- Breach Safe Harbor Certification
- CalHIPSO
- Penetration Test Services for Healthcare
- Healthcare Vulnerability Scan Service
- Medical Device Validation Required by VA
- Services for Security Technology Vendors
INFOGARD
CLIENTS
SECURITY TECHNOLOGY
SERVICES & PRODUCTS
RESOURCES
Resources by Sectors
General Resources
Home | Legal & Privacy Policy | Site Map | Feedback
© 1998–2012 InfoGard Laboratories. All rights reserved.