ZOLL Pulse Blog: EMS, Fire & Healthcare Insights | ZOLL Data Systems

Security, HIPAA & HITECH Compliance

Written by Larry Malloy | Nov 28, 2012 7:50:00 PM

If you are dealing with patient health information, security and compliance concerns may keep you awake at night. Basic data security and HIPAA and HITECH compliance are mandatory when it comes to the privacy and security concerns associated with the electronic transmission of health information.

In this blog, we want to address two common questions we receive about data security and compliance issues as they relate to ZOLL Online.

  • “Is my data secure?”
  • “Does ZOLL Online support my HIPAA and HITECH compliance responsibilities?”

The answer to both of these questions is “Yes”. Let’s give you an idea of how seriously we take these concerns.

Security:

Security comes in many forms. At ZOLL, we take every precaution to ensure your data is safe and secure. This includes following data center security best practices, application and server design best practices, system architecture best practices, and database design best practices. Here are some examples.

Data Center Security: In order to maintain a secure and stable hosting environment, ZOLL has partnered with a premier hosting service provider to provide the data center platform for ZOLL Online & RescueNet applications. This includes both physical security and network security measures.

Database Security Features: All data is protected in the secured database behind firewalls, user presentation layers, and business service layers, all of which require authentication maintained and set by the system itself. Additionally, all users accessing the user presentation layer must authenticate to the system before they can access data over SSL encryption.

Application Security Features: Connections to ZOLL Online applications are made over a secure channel, ensuring that the transmission of data between your computer and ZOLL is never compromised.

Security Validated by Third Party Auditors: ZOLL runs weekly external network vulnerability scans, annual 3rd party penetration tests, as well as tests after network changes.

HIPAA and HITECH Compliance:

HIPAA Business Associate Agreements are maintained between ZOLL and service providers. Annual risk assessments are conducted by a security auditor to validate that ZOLL is maintaining appropriate data controls. Click here to access information on HIPAA and HITECH compliance.

Reliable, High Performance Design:

ZOLL Online is designed from the ground up to take advantage of the latest technology, tools, system architecture, and software development best practices to provide a platform for optimum reliability and high performance.

Site Failover: Disaster recovery services are in place, including network redundancies and geographically diverse data sites. Data centers are also equipped with load balancers and redundant core switches to ensure the integrity and availability of your data. Disaster recovery is tested annually in a joint effort between ZOLL Operations and our hosting service provider.

Hosted applications are becoming more prevalent and offer many advantages over enterprise applications. Many of those benefits will be covered in future blog posts.

If you have any questions about ZOLL Online, please add your questions below or contact us by email (support@zoll.com) or by phone at 1-800-663-3911. If you are a current ZOLL customer, you can also join in the ZOLL Online discussion forum.

Rest assured, your patient data is safe with ZOLL.