The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 redefined the HIPAA Security Rule definition of “secure data” as data that is encrypted. Because of this, we are required to encrypt all laptops with the Optimus eMAR software installed. HITECH also laid out clear rules for notifying individuals and the U.S. Department of Health and Human Services in the case of a data breach. If an encrypted device goes missing, there is no such notification requirement and no monetary or legal penalty can be assessed.
When looking for an encryption product, my base requirements included: centralized client management, basic active directory integration, compliance logging and reporting, and support for our existing education classroom laptops and House Calls tablets. I identified three products that met these requirements: McAfee Endpoint Encryption, Sophos SafeGuard Enterprise, and Symantec PGP. All of these products were also listed in the leader’s quadrant of Gartner’s August 2010 Mobile Data Protection Report (image attached to email). After some in depth research and several discussions with our vendors, I am convinced that Sophos SafeGuard Enterprise is the best choice. It seems to be the best product from a technology and features perspective and I’ve heard from all our vendors that their technical support is top notch. Below is the cost breakdown.
Product| Per Device (Insight)| Total| Yearly Support| CDW| Dox| McAfee Endpoint Encryption| $49.81| $1,992| | | | Sophos SafeGuard Enterprise| $62.26| $2,490| $498| $64.00| $90.72| Symantec PGP| $124.69| $4,998| | | |
Medical Cart Laptop
While researching encryption, I took a look at the laptop we planned on ordering. In my opinion, the HP EliteBook Mobile Workstation 8740w ($1,633 each) is a huge waste of money. After inquiring, I learned that this device was chosen because: it has a very large screen (17”) compared to...