Since maintaining the confidentiality of human genetic data is of paramount importance to GenoSpace, the company has made security a top priority. In an environment where breaches involving healthcare data have reached alarming levels, GenoSpace understands the costly business impact of noncompliance with HIPAA patient privacy regulations and industry-leading data security practices. For example, the Identity Theft Resource Center’s 2014 annual list of security breaches points out that the medical/healthcare sector accounted for more than 42.5% of all the breaches listed, topping all other categories. Since reporting requirements began, the US Department of Health and Human Services has tracked 944 incidents involving approximately 30 million individuals.
Along with the persistence and enormity of this problem comes financial fallout. For example, in its study, 2014 Cost of Data Breach Study: Global Analysis, the Ponemon Institute estimated that the average cost of a data breach in 2014 was $3.5 million, an increase of 15% over 2013. Additionally, the average cost per record across all sectors also increased, from $188 to $201—and the per capita cost for healthcare was the highest across all industries at $316 per patient. And the typical fine for a data breach runs up to $1.5 million per incident. The cost of breaches to the healthcare sector overall is estimated at $5.6 billion annually.
Since the company’s inception, GenoSpace’s software development practices have incorporated the strongest possible data encryption to help secure these highly sensitive data sets and meet HIPAA compliance standards. On its website, HealthIT.gov, part of the US Department of Health and Human Services, highly recommends encryption as an integral part of a broader holistic and multilayered approach to securing healthcare data and minimizing the probability of damaging breaches. The HITECH Act of 2009 expanded HIPAA data breach reporting requirements and requires disclosure of breaches involving unprotected patient health data. The HITECH Act states that while encryption of data at rest and in transit is not required, it is certainly “addressable.” Failure to encrypt patient healthcare data can have significant ramifications, including steep fines.
The GenoSpace architecture is hosted on Amazon Web Services (AWS), which provides flexibility and scalability for its developers and customers. To ensure the utmost security for this public cloud implementation, GenoSpace takes a ground-up approach to encryption. Its solutions gather all of the data that will be subject to analysis and layer encryption on top of that to safeguard the confidentiality of sensitive healthcare data stored on AWS or data that travels over the Internet. This adds an important extra measure of protection to AWS built-in security features.