Exceed data compliance requirements for file transfer systems
EFT helps facilitate compliance of your patient, client, customer, and business data to meet data transfer standards mandated by HIPAA, HITECH, SOX, PCI DSS, and other government and industry mandates.
- Protect data in transit or at rest on file transfer systems
- Track and audit user activity and file movement
- Meet requirements for data wiping and sanitization
- Monitor and alert in real-time on potential violations of security standards
- Capture compensating controls and generate reports on compliance status
EFT SECURITY MODULES
Securing sensitive company data requires continuous monitoring and validation of security policies and controls. EFT makes it easy for an administrator to create and maintain file-transfer services that meet or exceed these standards with a simple set-up wizard. Once enabled, the Advanced or Express Security is an ever-vigilant security tool that disallows low-security options, captures compensating controls, and generates reports for auditing the system’s compliance status.
DMZ Gateway facilitates compliance with mandates such as PCI DSS requirements §1.3.7 that forbid storage of sensitive data in the demilitarized zone (DMZ). Unlike store-and-forward technologies, our DMZ Gateway does not store or process data. It acts as liaison between external connections and your internal network, ensuring that your data remains safe behind the firewall of EFT to store and process.
Your data remains secure because it’s never stored in the DMZ. With DMZ Gateway you no longer have to choose between security and efficiency.
Audit and Reporting Module (ARM)
With the Auditing and Reporting Module (ARM), you can capture all of the transactions passing through the EFT platform, query the data and view reports from the administrative console. You can analyze the captured data immediately using the preconfigured reports or custom design your own with the included report designers.
Our security modules, along with ARM, can help you maintain compliance by continuously monitoring PCI DSS and alerting on non-compliance, identifying the cause of non-compliance, allowing reverting security controls, and implementing mitigations/workaround techniques. ARM captures all of this activity in a fully relational database.
Email communications with patients, customers, and clients are required to meet privacy standards established by HIPAA, HITECH, SOX, PCI DSS, and others. Mail Express offers secure encrypted email solutions that enable you to protect sensitive information.
- Comply with personally identifiable information (PII) and patient medical data protection mandates
- Comply with encryption, storage, and auditing guidelines
- Provide secure alternative to cloud-based solutions for sending files
- Track, audit, and guarantee file delivery with pickup receipts