Apervita, the leading platform for value-based collaboration in healthcare, announced they are offering Deep Encryption™ to their health plan and provider customers. The new feature introduces an unprecedented level of security to the U.S. healthcare system by encrypting data at the field level. Personal health information is not just protected at the level of a database but down to the components of individual health records that make up the database—records containing information such as insurance claims, medications, test results, and diagnoses. This extends the level of protection beyond what is currently mandated HITRUST and HIPAA requirements. Apervita is the first healthcare company to offer this level of encryption security technology.
As the healthcare industry continues to move to electronic forms of data, opportunities for data breaches also increase. In fact, the number of patient records more than doubled in 2019 with 32 million patients compromised. The financial implications of such breaches are enormous, with estimates as high as $429 per breached record, not to mention the life-threatening impact on patient safety that can occur when records are breached.
“Deep Encryption is a game-changer for our customers,” said Michael Oltman, Apervita’s chief technology officer. “As a healthcare platform that works with over 2,500 U.S. hospitals, security is our top priority. Deep Encryption not only protects data far beyond typical data security requirements, but it also returns control of the data to our customers. We’re offering exactly what our customers want: security, safety, and control.”
“Especially in today’s world, with more people working remotely, we have learned to trust the cloud,” said Michael Semel, CSCS, CHP, CHSP, CBCP and President of Semel Consulting. “Deep encryption technology protects PHI in the cloud and hands over control to the client with a security key. This is the most sophisticated level of data security that most healthcare organizations are missing in their own systems.”
Additionally, Apervita’s Deep Encryption feature meets requirements of the Office of the National Coordinator’s (ONC) recent Information Blocking final rule, which calls for granular, PHI field-level privacy to support data segmentation, while still allowing for data to be accessible.
The security of Apervita’s customer’s PHI data is of primary importance and was the catalyst to implement the deepest encryption in the industry. With the recent release of Field Level Encryption (FLE) by MongoDB, Apervita’s database partner, Apervita was able to dramatically decrease the time needed to build the full Deep Encryption solution, which adds multiple layers to the FLE feature to enable unique encryption per customer dataset. The Deep Encryption feature also provides customers with a BYOK (Bring-Your-Own-Key) capability, which gives customers full control and ownership of their data on a per customer and per dataset level.
“Apervita’s platform is ideal for implementing Client-Side Field Level Encryption, and helps advance healthcare IT data security,” said Kenn White, Security Principal at MongoDB. “We’re thrilled to see their quick adoption of this unique capability and look forward to witnessing the impact it will have on protecting the most sensitive workloads in the industry.”