Epiphany Healthcare Blog

Epiphany Healthcare has Received ISO/IEC 27001:2013 Cyber and Physical Security Certification

Posted by Russ DeRemer on February 10, 2020 at 11:39 AM

As I write this memorandum, Epiphany Healthcare is the only vendor in our market niche with a cyber-security certification. We are excited to be able to demonstrate our commitment to our own security and our customers’ security with this certification.

When selecting a security certification body, we evaluated three alternatives for cyber and physical security certifications: ISO 27001, HITRUST, and SOC 2. All three are remarkably similar.

“Each certification has similar controls and requirements, with SOC and ISO being remarkably equal, and HITRUST intensifying the “How” [in how] requirements are met.”  https://apgarandassoc.com/certification-readiness/

Medical device companies with Class II or Class III FDA-registered devices use ISO 13485 certification to meet Quality Management System (QMS) requirements. Our familiarity with the ISO QMS certification process led us to select ISO 27001 for cyber and physical security certification.

In adopting the ISO 27001 standard, a company must consider risk assessment and treatment options. Epiphany chose to establish a low risk tolerance, which was the most demanding standard. We implemented all recommended controls in ISO 27001, including those for cloud, creating a total of more than 121 controls. We also chose to apply these controls to all aspects of our business and products, including Epiphany Cloud Services. The investment in this certification, including man-hours, staff training, and registrar expenses, exceeded $300,000. Over 1,000 pages of documentation were either modified or created to meet the certification requirements.

These controls include establishing clear guidelines for responding to security events and incidents, employee onboarding/offboarding, work-from-home evaluations, mobile device management, office security, penetration testing, secure software development, adding new security technologies to our enterprise, business continuity plans to recover from unplanned events (such as a hurricane, ice storm, loss of power, etc.), ransomware and malware strategies, and even what is required on our visitor sign-in sheets.

All of the clauses, controls, and a summary of the implementation of Epiphany Healthcare’s Information Security Management System (ISMS) framework are available upon request.

 

Russ DeRemer

CEO

Epiphany Healthcare

Topics: ECG management system, information technology, cybersecurity

Consider the Profound Impact of Bidirectional Communication on Healthcare

Posted by Allison Fawber on June 27, 2017 at 1:30 PM

If speed and efficiency are the name of the game, what is the winning combination? Bidirectional communication.

Bidirectional communication is the ability to send information in both directions, from the EMR to the acquisition device and back. Within the healthcare industry, this exchange between electronic systems and technology devices positively impacts the quality of care.

Information and Communication Technology: How it Works

Information and Communication Technology (ICT) in healthcare raises the quality of patient care because its platform is more patient-centered. ICT also puts information in the hands of the medical professionals when they need it most—immediately.

  • Patient records – Paper-based systems become bulky and disorganized with storage spaces that are overfilled and difficult to navigate. Computerized record-keeping starts at the admissions desk and continues through discharge. It keeps subsequent admissions and patient care data in an electronic file.
  • Modality worklists – Patient data can be transferred between the hospital’s EMR and the electronic device.

ICT Reduces Errors and Saves Time

When patient information is available anytime/anywhere, there is no need for manual data entry, thus reducing human errors.

  • Orders can be directed to a specific cart or location and then downloaded by a user.
  • Communication can be protected by Secure Sockets Layer (SSL).
  • Duplicate data – Different medical professionals entering the same data, over and over, increases the risk to patient confidentiality and wastes valuable time.

Bidirectional Communication for Greater Efficiency

Patients’ healthcare is compromised when their medical-information management is less than optimal. If your hospital has been postponing the addition of ICT, you’re losing time when you could be implementing changes that will save time.

Progress means interoperability, and interoperability means efficiency. Epiphany has implemented communications technology that reduces time and duplicated efforts with its Cardio Server platform, a major advantage for physicians, who can access data 24/7 from remote locations to better manage patient care. As a benefit for technicians, modality worklists prevent human error from manual data entry. Worklists allow for bidirectional communication with cardiographs, stress, Holter, PFT devices, and more.

Contact us to learn more about enhanced healthcare through increased efficiency.

Topics: Healthcare Communication, bidirectional communication, information technology
