Privacy and Security

When sharing electronic health information, patient privacy and data security is our highest priority

Cybersecurity Direction

Fueled by a deep understanding of Cybersecurity compliance and risk, Healthix is adopting a continual improvement model. With HIPAA, HITECH, and the Statewide Health Information Network of New York (SHIN-NY) to follow, we are investing in the people, processes, and technology to meet and  exceed these requirements. Exemplyfing this commitment is Healthix adherence to the highest level of industry certification. Currently, Healthix is in process of SOC 2 certification, with future aims of completing HiTrust certification and many of the NIST 800-53 requirements.

Technology

Healthix is continually investing in technology to better protect patient data. We utilize state-of-the-art technology to actively block would be attackers and alert us of potential attacks. We utilize a full range of technologies to protect our servers including;

  • Firewalls
  • Antivirus
  • Managed Security Services Provider
  • File Integrity Monitoring
  • Multifactor Authentication
  • Network Intrusion Prevention Systems

Privacy

When it comes to privacy, Healthix is deeply committed to protecting the privacy of the patient’s data. We follow the New York Department of Health Guidelines and regularly perform audits for unauthorized access to patient data. Going above and beyond the mandates, Healthix generates alerts when an unauthorized access is attempted allowing for a rapid response.

Programs

Healthix has a range of cybersecurity programs including;

  • Cybersecurity Risk Management
  • Incident Response
  • Security Architecture (Network and Application)
  • Identity and Access Management
  • Threat and Vulnerability (including yearly penetration testing)
  • Awareness and Training
  • Configuration Management
  • Data Protection