Western Reserve Hospital Deploys SecureData

Western Reserve Hospital, a community-based healthcare provider in Northwest Ohio, has deployed SecureData‘s FIPS 140-2 Level 3 validated, managed and unmanaged storage devices to better protect sensitive patient data and meet strict data handling requirements enforced by the Health Insurance Portability and Privacy Act (HIPAA).

The hospital, which is owned and operated by local physicians and employs nearly 900 doctors, administrators, and support staff, needed a data security plan that was flexible and easy to deploy. Doctors and other staff members needed sensitive and regulated data to be portable and accessible to multiple users on-site and in transit when its physicians were required to attend to patients at other affiliated health clinics.

Vince Allen, manager of IT&S operations, Western Reserve Hospital, chose to implement a combination of SecureDrive KP/BT encrypted-external-drives portable external drives and SecureUSB KP/BT flash drives. All of these drives are FIPS-140-2 Level 3 validated and OS/host Independent, which means they can be used with any equipment or OS that supports standard USB ports.

Users authenticate SecureData storage devices using an onboard keypad and PIN (KP drives) or via a secure mobile app on your smartphone or mobile device (BT drives). All drives come with anti-hacking and force protection, read-only modes, and other enhanced security features. They also include a complimentary 1-year subscription to DriveSecurity by ClevX, a Seattle, WA-based information security technology company, for drive-based antivirus protection.

Allen also added remote management licenses, which provide greater levels of security by letting IT administrators centrally control where, when, and by whom BT drives can be accessed. This subscription-based-SaaS gives IT administrators in the health sector the flexibility they need to enforce security policies and protect company investment. All BT devices are remote management ready out of the box.

The remote management console can control where and when drives can be accessed (geo- and time-fencing), track and manage multiple drives on one account, remotely unlock a drive or reset a password, and remotely wipe a drive if it is stolen or lost. Unlike competing remote management solutions, SecureData’s remote management console is OS/host independent and requires no software applications to be preloaded or running on the host.

“To help ensure [HIPAA] compliance, we had to enhance our security to make sure that any portable data was encrypted and could be remotely wiped if the device is ever lost or stolen,” said Allen.

SecureData provided Western Reserve Hospital with a data security solution that met the rigorous requirements of HIPAA compliance.

“I’ve had zero complaints from my users, which are doctors, hospital staff, and my IT team,” Allen said. “No additional IT support is necessary after the initial setup.“

Case study: Making Data Security Compliance Easy for Hospitals