Current environment: Hospital Computing Systems where client applications are installed on end user devices. Health care data is less secure, and access from some locations and devices is not possible.

ApplicationAnswers

Expand healthcare information access while ensuring HIPAA compliance

Challenge: Increase security to better manage information access for HIPAA compliance

Complying with HIPAA regulations has been top of mind for healthcare providers over the last several years. With the HIPAA Security Rule now in effect, providers are continuing compliance efforts such as maintenance, auditing and process improvements. One ongoing challenge is how to ensure HIPAA compliance while delivering convenient access to patient information and other resources for clinicians at the point of care, which can be in a hospital, clinic, patient home or even a private practice office. Centralization of patient data, encryption of communications, reduction of data exposure on client devices, and improved access controls are ways in which CIOs can reduce the security risks facing their organizations to strengthen regulatory compliance while giving clinicians flexible, on-demand access to critical healthcare information.

The CIO’s compliance role is to make sure the necessary administrative, physical and technical controls are in place to safeguard confidential patient information. At the same time, CIOs are challenged with expanding access to hospital systems for physicians, remote treatment facilities, and other partners along the continuum of care to increase operating efficiencies and improve quality of care.

Healthcare IT organizations are being challenged to:

● Deliver secure remote access for physicians and other clinicians● Improve provisioning of access to hospital systems● Increase security of shared workstations / kiosks in hospitals● Minimize cached or saved patient information on distributed devices● Enhance authentication and password practices● Ensure encrypted communications over wireless LANs, LANs, and WANs.● Protect systems from malicious code

Benefit Citrix solutions facilitate flexible, real-time access to applications and information for

healthcare workers at the point of care, while providing an array of security and control capabilities that support HIPAA compliance.

Solution Citrix delivers solutions that make it easy to centralize and consolidate applications

to facilitate access controls, security, and system and usage monitoring that support compliance. Citrix Presentation Server™ unifies access control, application delivery, se-cure remote access, and password management technologies into a single solution that decreases the time and cost of protecting critical health and patient information to achieve HIPAA compliance. Equally important, the Presentation Server enables healthcare providers to create an environment that delivers convenient, secure, on-demand information access for improved patient care.

Description Because Citrix Presentation Server virtually delivers clinical and administrative

applications from central servers, secure access can be enabled from any location, device or connection. Presentation Server gives users the flexibility to connect from their private office, home office, mobile device or wherever care is delivered. In a typical hospital environment with shared workstations, Citrix technology allows clinicians to rapidly switch from one computer or kiosk to another, reducing login times by 90% and allowing more time with patients. Enterprise single sign-on access to password-protected applications also simplifies and speeds login.

At the same time, Presentation Server tightens control and security of patient information for improved HIPAA compliance. Specifically, the Citrix solution allows IT to monitor and control access to applications from the data center, and keeps data behind the firewall instead of exposed on the desktop. It also reduces complexity and costs of documentation and auditing by consolidating disparate systems.

Presentation Server provides identity-driven access controls featuring sense-and-respond technology, together with password security and data encryption –all of which give healthcare providers the confidence to expand information access to the point of care. Remote access over the Web is protected using SSL VPN technology; the system also interoperates with strong authentication devices such as smart cards and biometrics to enhance security. Citrix’s unique SmartAccess capability analyzes the user’s scenario and delivers the appropriate level of secure access –remotely controlling whether users can download, edit, print or preview documents. Additionally, the Presentation Server gives IT the tools to centrally manage the password process, thus increasing security with auto-mated password changes and strong policies while reducing complexity for clinicians.

Solution environment: Using Citrix Presentation Server, client applications are installed and executed on servers in the data center where they can be more easily secured. Further, access can be extended to a wider set of users and scenarios, without compromising security or HIPAA compliance.

Products● Citrix Presentation Server, Platinum Edition

Find out more Citrix-sponsored information for regulatory compliance: http://www.regulatoryanswers.com

Citrix healthcare solutions http://www.citrix.com/healthcare

ApplicationAnswersExpand healthcare information access while ensuring HIPAA compliance

©2007 Citrix Systems, Inc. All rights reserved. Citrix®, Citrix Access Gateway™ and Citrix Presentation Server™ are trademarks of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. Microsoft®, Windows® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. All other trademarks and registered trademarks are property of their respective owners.