As HIPAA and FERPA audits ramp up, CIOs at higher ed institutions, medical schools and hospitals, K-12 districts, and state and local governments are bolstering safeguards and security practices.
(COLUMBUS, Ohio and PHILADELPHIA, Penn.) – October 27, 2017 – Next week during the EDUCAUSE Conference, TeamDynamix will showcase V10, released on October 23. The latest release focuses on data protection for sensitive information housed in the service management platform. CIOs and service management leaders are responsible for protecting sensitive information such as Electronic Private Health Information (ePHI) and personal HR information and preventing other security vulnerabilities.
Penalties can be steep for violations. The per entity fines have increased from about $850K in recent years to $2 million in 2016. With universities housing hospitals and health systems, it is vital to simultaneously provide access to information for systems management while also protecting personal records under HIPAAi law. Additionally, organizations are now looking to safeguard PII (Personally Identifiable Information) such as social security numbers, and in education, FERPA – a Federal law protecting the privacy of student education records – is also driving demand.
TeamDynamix delivers solutions for service management and project portfolio management on a single platform and is widely used in higher education environments which must adhere to these federal guidelines.
“Today leaders need access to information in order to provide service, but most service management tools do not adequately protect sensitive information without significant and costly customization. CIOs and other department leaders are faced with either exposure to risk or significant cost to protect sensitive data that may be part of the service management process,” said Andrew Graf, head of product strategy at TeamDynamix. “TDX V10 aims to offer service leaders and CIOs the ability to limit the risk associated with sensitive information by instituting multiple layers of protection and access to field level data. This means that, regardless of who may have access to a specific record, additional access for specific fields can require a PIN.”
The storage of data – particularly in IT, HR and Healthcare functions – can include sensitive information falling under PII, HIPPA, ePHI and FERPA regulations.
- IT Security: TDX effectively manages sensitive security risks, changes, and incidents without fear of exposing vulnerabilities to unauthorized people or systems.
- Human Resources: TDX effectively manages sensitive requests for promotion, terminations, leave and disciplinary action while reducing the risk associated with the mishandling of private information.
- Healthcare: TDX helps reduce HIPAA violation risk without significant cost by ensuring that ePHI is only visible to authorized personnel and ePHI access activity can be thoroughly audited. Universities with associated health sciences and medical schools require this level of protection.
“We are seeing an increased need and demand for security to be embedded in service management platforms,” said Sandi Conrad, Senior Director, Infrastructure Practice at InfoTech. “As service management expands across the organization and becomes a broader case management tool for other departments, a broad spectrum of users will have access. Furthermore, the applications for these platforms is rapidly expanding. Understanding how to protect data and where to protect data are vital criteria in this category.”
About TeamDynamix
TeamDynamix cloud-based work management software gives service organizations in non-corporate environments the ability to align, work together, and simplify their work management processes. TeamDynamix transforms IT from order taker to strategic innovator. Colleges and universities, K-12 districts, state and local governments, and nonprofits use the TeamDynamix project portfolio and service management platform to work together faster, better, smarter. More at TeamDynamix.com, @TDXBuzz, LinkedIn. See TeamDynamix at booth 1717 at EDUCAUSE.
i HIPAA: Health Insurance Portability and Accountability Act of 1996 is United States legislation that provides data privacy and security provisions for safeguarding medical information.
FERPA: Family Educational Rights and Privacy Act of 1974 is a federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.
PII: Personally identifiable information (PII) is any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another and can be used for de-anonymizing anonymous data can be considered PII.
ePHI: Electronic protected health information (ePHI) refers to any protected health information (PHI) that is covered under Health Insurance Portability and Accountability Act of 1996 (HIPAA) security regulations and is produced, saved, transferred or received in an electronic form.