1
A stable and well engineered platform with improved security and enhanced usability features resulted in swift growth in client’s market share A start up ISV in Healthcare domain had developed a platform where patients and doctors could connect and collaborate for improved patient well-being The platform was hosting sensitive demographics and patient related data and thus platform’s compliance with HIPAA guidelines was high priority. A Secured HIPAA Compliant Web Based Portal Harbinger systems analyzed the platform and carried out the following changes for HIPAA compliance: Improved event logging by writing user action in external file, resulting in quick troubleshooting of production issues Implemented a strong password policy using CAPTCHA mechanism and validating last 6 passwords along with encryption of password information in logs, to protect the system from malicious password break attacks Restricted maximum login attempts using CAPTCHA mechanism to prevent server from being flooded with requests Restricted one invite code to be used by one user only to allow authenticated users to sign up and avoid misuse of the system Designed and implemented a dedicated landing page for reporting the issues. This helped simplify production support process and saved manual efforts. Enhanced admin dashboard to display invite status, and implemented sub features like send reminders and auto reminders Added field level validations at client and server side www.harbinger-systems.com © Harbinger Systems [email protected] Calibri, 20, Bold The Platform needed to comply with the following HIPAA standards- Audit control, access control and standards for security awareness and training Reporting and handling of end user issues were being done manually Enable admin/doctor to monitor and track user invites and activities Web application lacked field level validations Web Application Development Situation Harbinger Solution Challenges Tools & Technologies Increased user confidence with HIPAA certification, lead to growth in client user base Futuristic, best-in-class solution that could easily scale with growing market needs Improved turnaround time for production issues resulted in enhanced user satisfaction Dashboard display for notifications lead to improved user experience Introduction of field level validations improved usability of the application Benefits Mongo DB 2.x Python 2.7.5

A Secured HIPAA Compliant Web Based Portal

Embed Size (px)

DESCRIPTION

A stable and well engineered platform with improved security and enhanced usability features resulted in swift growth in client’s market share

Citation preview

Page 1: A Secured HIPAA Compliant Web Based Portal

A stable and well engineered platform with improved security and enhanced usability features resulted in swift growth in client’s market share

A start up ISV in Healthcare domain haddeveloped a platform where patients anddoctors could connect and collaborate forimproved patient well-being

The platform was hosting sensitivedemographics and patient related data andthus platform’s compliance with HIPAAguidelines was high priority.

A Secured HIPAA Compliant Web Based Portal

Harbinger systems analyzed the platform and carried outthe following changes for HIPAA compliance:

Improved event logging by writing user action inexternal file, resulting in quick troubleshooting ofproduction issues

Implemented a strong password policy usingCAPTCHA mechanism and validating last 6 passwordsalong with encryption of password information inlogs, to protect the system from malicious passwordbreak attacks

Restricted maximum login attempts using CAPTCHAmechanism to prevent server from being floodedwith requests

Restricted one invite code to be used by one useronly to allow authenticated users to sign up andavoid misuse of the system

Designed and implemented a dedicated landing page forreporting the issues. This helped simplify productionsupport process and saved manual efforts.

Enhanced admin dashboard to display invite status, andimplemented sub features like send reminders and autoreminders

Added field level validations at client and server side

www.harbinger-systems.com © Harbinger Systems [email protected]

Calibri, 20, Bold

The Platform needed to comply with thefollowing HIPAA standards- Audit control,access control and standards for securityawareness and training

Reporting and handling of end user issueswere being done manually

Enable admin/doctor to monitor and trackuser invites and activities

Web application lacked field level validations

Web Application Development

Situation Harbinger Solution

Challenges

Tools & Technologies Increased user confidence with HIPAA certification, lead

to growth in client user base

Futuristic, best-in-class solution that could easily scalewith growing market needs

Improved turnaround time for production issuesresulted in enhanced user satisfaction

Dashboard display for notifications lead to improveduser experience

Introduction of field level validations improved usabilityof the application

Benefits Mongo DB 2.x Python 2.7.5

Towards HIPAA-compliant Healthcare Systems in …...Towards HIPAA-compliant Healthcare Systems in Cloud Computing Ruoyu Wu, Arizona State University, USA Gail-Joon Ahn, Arizona State

Towards HIPAA-compliant Healthcare Systems in …...Towards HIPAA-compliant Healthcare Systems in Cloud Computing Ruoyu Wu, Arizona State University, USA Gail-Joon Ahn, Arizona State

Documents
HIPAA-compliant Therapy Notes - ZANDER NURSING · Davis’s Notes Your Handheld Clinical Companions Combining commonly used but rarely memorized clinical information with HIPAA-compliant,

HIPAA-compliant Therapy Notes - ZANDER NURSING · Davis’s Notes Your Handheld Clinical Companions Combining commonly used but rarely memorized clinical information with HIPAA-compliant,

Documents
HIPAA-COMPLIANT PRIVATE CLOUD DELIVERS LIFE-SAVING … · 2020. 4. 4. · recovery and business continuity planning for HIPAA-compliant organizations •Highly responsive approach

HIPAA-COMPLIANT PRIVATE CLOUD DELIVERS LIFE-SAVING … · 2020. 4. 4. · recovery and business continuity planning for HIPAA-compliant organizations •Highly responsive approach

Documents
HIPAA Compliant IAM using Active Directory

HIPAA Compliant IAM using Active Directory

Healthcare
Building & Maintaining HIPAA-Compliant Applications in AWS

Building & Maintaining HIPAA-Compliant Applications in AWS

Technology
LUA HIPAA COMPLIANT MESSAGING Home Health Solutionfor+Home... · Home Health Use Cases LUA HIPAA COMPLIANT MESSAGING Home Health professionals are the most mobile healthcare workers

LUA HIPAA COMPLIANT MESSAGING Home Health Solutionfor+Home... · Home Health Use Cases LUA HIPAA COMPLIANT MESSAGING Home Health professionals are the most mobile healthcare workers

Documents
Next Slide Secure, Virus-Immune & HIPAA-Compliant Health …€¦ · Secure, Virus-Immune & HIPAA-Compliant Health Care IT Systems Dr. Steve G. Belovich Next Slide. C 2005 IQware,

Next Slide Secure, Virus-Immune & HIPAA-Compliant Health …€¦ · Secure, Virus-Immune & HIPAA-Compliant Health Care IT Systems Dr. Steve G. Belovich Next Slide. C 2005 IQware,

Documents
Compliant Email Solutions for HIPAA & SOX regulations

Compliant Email Solutions for HIPAA & SOX regulations

Technology
WHITE PAPER A Practical Guide to HIPAA-Compliant ...€¦ · A Practical Guide to HIPAA-Compliant Virtualization Executive Summary| Summary Healthcare enterprises have achieved major

WHITE PAPER A Practical Guide to HIPAA-Compliant ...€¦ · A Practical Guide to HIPAA-Compliant Virtualization Executive Summary| Summary Healthcare enterprises have achieved major

Documents
Hipaa Compliant Data Destruction

Hipaa Compliant Data Destruction

Data & Analytics
Hipaa Compliant Data Centers

Hipaa Compliant Data Centers

Documents
7 Advantages of HIPAA Compliant Texting Apps - Zinccontent.zinc.it/Ebook_eBook-7-advantages-of-HIPAA-complaint... · 7 Advantages of HIPAA Compliant ... we’ll also touch on the

7 Advantages of HIPAA Compliant Texting Apps - Zinccontent.zinc.it/Ebook_eBook-7-advantages-of-HIPAA-complaint... · 7 Advantages of HIPAA Compliant ... we’ll also touch on the

Documents
10 simple steps to be HIPAA Compliant

10 simple steps to be HIPAA Compliant

Technology
Seven Steps to Take When You have A HIPAA Compliant

Seven Steps to Take When You have A HIPAA Compliant

Education
Geo-Medical HIPAA Compliant Audience Targeting

Geo-Medical HIPAA Compliant Audience Targeting

Economy & Finance
Hipaa Compliant Answering Service

Hipaa Compliant Answering Service

Health & Medicine
HIPAA Compliant Cloud Computing, An Overview

HIPAA Compliant Cloud Computing, An Overview

Healthcare
HIPAA AND LAW ENFORCEMENT - OAHHS · HIPAA and Law Enforcement: ... Authorization forms used by law enforcement must be HIPAA compliant. ... hair and eye color,

HIPAA AND LAW ENFORCEMENT - OAHHS · HIPAA and Law Enforcement: ... Authorization forms used by law enforcement must be HIPAA compliant. ... hair and eye color,

Documents
Towards HIPAA-compliant Healthcare Systems in Cloud Computing

Towards HIPAA-compliant Healthcare Systems in Cloud Computing

Documents
GAIN HIPAA-COMPLIANT CLOUD SOLUTIONS WITH COGNIZANT AND AWS · cognizant aws cloud services hipaa-compliant cloud solutions gain hipaa-compliant cloud solutions with cognizant and

GAIN HIPAA-COMPLIANT CLOUD SOLUTIONS WITH COGNIZANT AND AWS · cognizant aws cloud services hipaa-compliant cloud solutions gain hipaa-compliant cloud solutions with cognizant and

Documents
HIPAA Compliant Records Management - ARC...ARC has created a compliant physical and digital infrastructure that will better equip you to meet and maintain HIPAA Compliance. These regulations

HIPAA Compliant Records Management - ARC...ARC has created a compliant physical and digital infrastructure that will better equip you to meet and maintain HIPAA Compliance. These regulations

Documents
L ea HiPaa-comPLiant soLutions H tHat ... - Business Services

L ea HiPaa-comPLiant soLutions H tHat ... - Business Services

Documents
Dropbox HIPAA Compliant File Sharing Services

Dropbox HIPAA Compliant File Sharing Services

Technology
How to develop HIPAA Compliant Applications

How to develop HIPAA Compliant Applications

Healthcare
Connectria Hosting- HIPAA Compliant Hosting Services

Connectria Hosting- HIPAA Compliant Hosting Services

Technology
University of Louisville School of Dentistry Deploys …...HIPAA Compliant The Solution Lua offered the University their first HIPAA compliant, cloud-based communication solution

University of Louisville School of Dentistry Deploys …...HIPAA Compliant The Solution Lua offered the University their first HIPAA compliant, cloud-based communication solution

Documents
Hipaa Compliant Data Centers White Paper

Hipaa Compliant Data Centers White Paper

Documents
How to be hipaa compliant

How to be hipaa compliant

Marketing
5 Reasons to be HIPAA Compliant

5 Reasons to be HIPAA Compliant

Business
HIPAA Compliant IT Infrastructure Guide - Atlantic · to your HIPAA-compliant infrastructure Tech support available 24/7 This e-book looks at healthcare law and what organizations

HIPAA Compliant IT Infrastructure Guide - Atlantic · to your HIPAA-compliant infrastructure Tech support available 24/7 This e-book looks at healthcare law and what organizations

Documents