Appistry Strengthens Security and Privacy for Genetic Information
News Mar 28, 2012
With this milestone, Appistry provides customers deploying Ayrris/BIO for the advanced analysis of Next Generation Sequencing data with assurance that their genomic information is private, portable and secure.
The Heath Insurance Portability and Accountability Act of 1996 (HIPAA) is a set of established federal standards intended to ensure the security and privacy of protected health information (PHI). HIPAA’s Privacy Rule requires that an individual’s health information is properly protected by certain covered entities, such as healthcare providers, health plans, and health clearinghouses, and their business associates. In order to be compliant, organizations that handle PHI must design their systems and applications to meet HIPAA’s privacy and security standards and related administrative, technical and physical safeguards. These standards include the implementation of access controls, encrypting data and setting up back-up and audit controls for electronic PHI in a manner commensurate with the associate risk.
Appistry recognizes that as more research facilities use the cloud to analyze and store genetic data, technology providers must ensure the data is secure. Appistry’s Ayrris/BIO genomic cloud and analytics service both operate under the same secure environment required of covered entities under the HIPAA regulations.
“Appistry has always ensured that genetic information in our genomic cloud and analytics service exceeds current industry standards for security and privacy and now we can emphatically state that we are leading the way with HIPAA compliance,” Said Kevin Haar, CEO of Appistry. “As genetic information increasingly becomes more accessible, actionable and portable, the installation of data security measures in accordance with established standards will continue to be imperative for Appistry.”
To achieve security standards compatible with HIPAA regulations, Appistry proactively developed and implemented security mechanisms. When utilizing the Ayrris/BIO service or appliance, customers have access to unique user identification, automatic session expiration for its web interface, encryption and decryption of user account details both in-transit and at rest, and detailed audit logs--all components that signify a proactive approach to data protection and HIPAA compliance.
“Now that the Ayrris/BIO service and on-premise appliance meet HIPAA compliant standards, our customers have complete peace of mind knowing that their sensitive information is secure,” said John Leighton, Vice President of Engineering. “All drives are now encrypted, audit processes logged and security policies established in accordance with HIPAA guidelines and standards.”