SUNNYVALE, Calif., Feb. 27, 2018 /PRNewswire/ -- Datrium, the leading provider of Open Converged Infrastructure for hybrid clouds, announced it has achieved FIPS 140-2 Level 1 validation from the Computer Security Resource Center (CSRC) of the National Institute of Standards and Technology (NIST). With the Datrium FIPS Object Module, healthcare IT providers can exceed, rather than simply meet, the minimum security and encryption requirements for the safeguarding of patient medical information.
Datrium certification comes as the industry prepares for HIMSS18, the annual conference of the Health Information and Management Systems Society (HIMSS), and against a backdrop of growing security concerns and ever more stringent data privacy and security regulations for the safeguarding of patient medical information. According to Enterprise Strategy Group's 218 IT Spending Intentions Survey1, cybersecurity was cited as the #1 investment area for the IT organizations surveyed, with data security ranking second among 14 cybersecurity priority investments areas. Datrium will be debuting its FIPS Object Module with its Blanket Encryption product as an exhibitor in the HIMSS18 exhibition, booth 11529, taking place from 5-9 March in Las Vegas, Nevada.
National Physician Services (NPS) is one healthcare IT provider that is successfully balancing these imperatives, while choosing to exceed security and encryption requirements with Datrium. This provider of practice management and Electronic Health Record (EHR) technology to physician practices, hospitals and other healthcare providers, has selected Datrium to run its entire Allscripts Touchworks solution, in support of its HITRUST certification process.
Datrium powers NPS's ambulatory service databases, where 1.1 million appointments are scheduled and managed every year – amounting to approximately 110,000 transactions per day. The system moreover services six AHS entities and accounts for over 1,000 physicians, while the Datrium infrastructure powers a half-billion dollars of financial transactions each year. While NPS remains vendor-agnostic with regard to clinical applications, it currently has more than 80 different applications running on Datrium as their converged infrastructure.
"NPS was founded on the belief that an organization 100% focused on Managed Healthcare IT services would help our healthcare clients thrive in the highly competitive and rapidly changing regulatory and technology marketplace," said Bryan Graven, CEO of NPS. "The Datrium solution has become a critical part of our competitive advantage, providing our clients with incredible performance and data security, while significantly reducing the time we spend managing infrastructure."
The Datrium DVX Solution
The Datrium DVX converges Tier 1 hyperconverged infrastructure (HCI) with scale-out backup and cloud disaster recovery (DR). With Datrium, each VMware host leverages local CPU and flash for industry leading performance while sharing the DVX storage pool for converged, encrypted backup as well as enabling DR copies on AWS. The DVX enables an extremely resilient and secure infrastructure to run the most critical healthcare applications. This platform aligns with the needs of healthcare systems—locally, regionally, and even at the national scale—by increasing flexibility, reducing complexity, and improving performance while lowering both initial and long-term costs.
Key solution benefits include:
Built into DVX, Datrium Blanket Encryption protects data in use, in flight and at rest while maintaining full deduplication and compression, reducing network and storage costs significantly. This technology is an industry-first, providing FIPS validated, software-based end-to-end encryption to secure Protected Health Information (PHI) data in use on servers and server-based SSDs, at rest on secondary storage, and in-flight between the two. Blanket Encryption uses the FIPS 140-2 AES-XTS-256 military grade crypto algorithm and leverages the Intel Intelligent Storage Acceleration Library (Intel ISA-L) with Intel AES new encryption instructions set (Intel AES-NI) to support healthcare organizations in satisfying regulations such as HIPAA, HITECH, PIPEDA, and the requirements of national healthcare systems.
''In most healthcare IT systems we see only data at rest encryption, and the only attack vector that addresses is 'physical' access to drives, which also happens to be the lowest stated aspect of HIPAA," said Andre Leibovici, VP Solutions, Datrium. "That's not enough--data should be protected on the server as well as when in motion, moving through a network, including wireless transmission."
1ESG Master Survey Results, 2018 IT Spending Intentions Survey, December 2017.
The Datrium FIPS Object Module is available immediately at no charge with every DVX system.
Solution Brief: Meeting Healthcare IT Requirements with Datrium DVX
FIPS Certificate: Cryptographic Module Validation Program Certificate
Detailed NIST Report: Datrium FIPS Object Module FIPS 140-2 Non-Proprietary Security Policy
Datrium is the leader in Open Converged Infrastructure for hybrid clouds, converging Tier 1 HCI, scaleout backup and cloud disaster recovery for vastly simpler administration, protection of hybrid cloud infrastructure, and higher IO performance than available with traditional alternatives. The company is led by the CTOs and founders from Data Domain and early principal engineers from VMware. For more information, visit www.datrium.com and follow @datrium on Twitter.