FIPS Validation for Datrium

Datrium, Inc., a provider of open converged infrastructure for hybrid clouds, achieved FIPS 140-2 Level 1 validation from the Computer Security Resource Center (CSRC) of the National Institute of Standards and Technology (NIST).

Mobile block diagram

With this FIPS Object Module, healthcare IT providers can exceed, rather than simply meet, the minimum security and encryption requirements for the safeguarding of patient medical information.

Datrium certification comes as the industry prepares for HIMSS18, the annual conference of the Health Information and Management Systems Society (HIMSS), and against a backdrop of growing security concerns and ever more stringent data privacy and security regulations for the safeguarding of patient medical information.

According to Enterprise Strategy Group’s 218 IT Spending Intentions Survey¹, cybersecurity was cited as the #1 investment area for the IT organizations surveyed, with data security ranking second among 14 cybersecurity priority investments areas.

Datrium will be debuting its FIPS Object Module with its Blanket Encryption product as an exhibitor in the HIMSS18 exhibition, taking place from 5-9 March in Las Vegas, NV.

National Physician Services (NPS) is one healthcare IT provider that is balancing these imperatives, while choosing to exceed security and encryption requirements with Datrium. This provider of practice management and Electronic Health Record (EHR) technology to physician practices, hospitals and other healthcare providers, has selected Datrium to run its entire Allscripts Touchworks solution in support of its HITRUST certification process.

Datrium powers NPS’s ambulatory service databases, where 1.1 million appointments are scheduled and managed every year – amounting to approximately 110,000 transactions per day. The system services six AHS entities and accounts for over 1,000 physicians, while the Datrium infrastructure powers a half-billion dollars of financial transactions each year. While NPS remains vendor-agnostic with regard to clinical applications, it currently has more than 80 different applications running on Datrium as their converged infrastructure.

“NPS was founded on the belief that an organization 100% focused on Managed Healthcare IT services would help our healthcare clients thrive in the highly competitive and rapidly changing regulatory and technology marketplace,” said Bryan Graven, CEO, NPS. “The Datrium solution has become a critical part of our competitive advantage, providing our clients with incredible performance and data security, while reducing the time we spend managing infrastructure.“

Datrium DVX Solution
The Datrium DVX converges tier 1 hyperconverged infrastructure (HCI) with scale-out backup and cloud DR. With Datrium, each VMware host leverages local CPU and flash for performance while sharing the DVX storage pool for converged, encrypted backup as well as enabling DR copies on AWS. The DVX enables a resilient and secure infrastructure to run critical healthcare applications. This platform aligns with the needs of healthcare systems-locally, regionally, and even at the national scale-by increasing flexibility, reducing complexity, and improving performance while lowering both initial and long-term costs.

Key solution benefits include:

Performance for Electronic Medical Records (EMR)
Security and compliance with NIST FIPS 140-2 certification
Scalable storage for PACS and VNA with integrated data protection – increased purchase predictability and reduced TCO.

Built into DVX, Datrium Blanket Encryption protects data in use, in flight and at rest while maintaining full deduplication and compression, reducing network and storage costs. This technology is providing FIPS validated, software-based end-to-end encryption to secure Protected Health Information (PHI) data in use on servers and server-based SSDs, at rest on secondary storage, and in-flight between the two.

Blanket Encryption uses the FIPS 140-2 AES-XTS-256 military grade crypto algorithm and leverages the Intel Intelligent Storage Acceleration Library (Intel ISA-L) with Intel AES new encryption instructions set (Intel AES-NI) to support healthcare organizations in satisfying regulations such as HIPAA, HITECH, PIPEDA, and the requirements of national healthcare systems.

”In most healthcare IT systems we see only data at rest encryption, and the only attack vector that addresses is ‘physical’ access to drives, which also happens to be the lowest stated aspect of HIPAA,” said Andre Leibovici, VP Solutions, Datrium. “That’s not enough data should be protected on the server as well as when in motion, moving through a network, including wireless transmission.“

The Datrium FIPS Object Module is available at no charge with every DVX system.

¹ESG master survey results, 2018 IT Spending Intentions Survey, December 2017.