Next Step . . .
  Call Zvetco Now
 
  Find a Solution Partner
  Submit Inquiry/Request

Spotlight
Biometrics and the Dutch Supreme Court:
To defend against data and identity theft the Dutch Supreme Court utilizes Zvetco Fingerprint Readers password replacement.

»   See News

Verifi Express Pack!
Fast and Affordable: Get a Verifi fingerprint reader for a special low price.
» Buy Now

The New P5100 Reader.
Sporting the industries largest-based silicon fingerprint sensor, the P5100 can tackle both large and small jobs.
» Read More

Insider Fraud.
Most significant risks to a business come from within.
» Read More

Channel Partner Program.
Become a Channel Partner and add the industries best-of-breed biometric products to your product line.
» Read More

Discover HIPAA Compliance

Key to protecting the privacy of all concerned is creating a trusted environment where all users are authenticated prior to gaining access to any data, network or computer. Zvetco’s biometric solutions provide strong authentication of users while maintaining the high usability and ease-of-use that doctors and clinicians demand. Unlike other methods of authentication such as tokens, cards and/or passwords/PINs, which can be shared Zvetco includes a fingerprint biometric that eliminates this common practice within organizations. That said, Zvetco can leverage existing platforms such as HID cards, proximity cards and smart cards in combination with the biometric to improve existing infrastructure investments.

Citrix Integration

By integrating our biometric devices with Citrix solutions, healthcare organizations’ IT teams can deliver integrated security, defending intellectual property against external attacks, insider threats and data loss while ensuring patient privacy and confidentiality. Healthcare organizations can successfully manage business risk by leveraging Zvetco & Citrix solutions to proactively meet and manage regulatory compliance and achieve a high degree of control from the desktop to the datacenter.

By combining Zvetco’s industry leading biometric fingerprint reader with Citrix any healthcare concern can elevate security levels significantly while enjoying tremendous ease of use. With Zvetco, healthcare organizations can:

  • Secure desktops, application and data to maintain patient confidentiality

    Zvetco + Citrix solutions ensure the privacy of patient data and ensure that health care workers always have secure access by maintaining the data centrally in the datacenter, safeguarded by strong authentication, smart access controls and data Encryption.
  • Protect corporate assets and intellectual property to meet compliance requirements

    Zvetco + Citrix apply advanced security to all desktops, data and applications. Organizations benefit from the most advanced logging, reporting, and auditing capabilities on the market, even for legacy applications. Policies can be established so that data is always stored centrally and compliance regulations can easily be met
  • Deliver a personalized, high definition access experience for faculty no matter where they work

    Zvetco + Citrix provide mobile healthcare workers with secure access to desktops, applications and data wherever they are located, on-demand and with the best user experience. For example, a physician at a patient's bedside can study x-rays and echocardiograms from a mobile device as if he or she were using an office PC.

The Zvetco Advantage

Zvetco products utlize built in protections against ESD (Electro-Static Discharge), redundant overcurrent defenses and all metal construction all Zvetco readers provide a level of ruggedness and reliability that are not found in any other reader in the market. This equates to superior longevity and the elimination of product refreshes that add significantly to the overall cost of a biometric initiative and needlessly cripple your already strained budgets.

» Learn More

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was enacted by Congress to create a national standard for protecting the privacy of patients' personal health information. The law requires healthcare entities to use electronic means to process transactions, which include health information, to use standardized forms and a universal code system for illnesses and treatments. The regulation also requires new safeguards to protect the security and confidentiality of an individual's protected health information (PHI). The Privacy Rule directly regulates three types of "covered entities":

  • Healthcare providers (including individuals and organizations),
  • Health plans (including insurers and other payors)
  • Health care clearinghouses (entities, such as billing services, that process health information from nonstandard into standard forms or vice versa).

While the Privacy Rule covers only the aforementioned three entities, it expands the reach of its protections by requiring that covered entities obtain written confidentiality assurances from their business associates. Business associates are defined as individuals or entities outside of the organization’s system that receive, create, or have access to individually identifiable health information and;

  • 1. Perform a service on behalf of the organization or its affiliates or;
  • 2. Fit within the list of specific service providers (i.e., outside legal, actuarial, accounting, consulting, management, administrative, accreditation, data aggregation, and financial services).

The written assurance (which may be in a stand-alone agreement or part of a larger contract) must include several provisions: for example, restrictions on how the business associate may use or release identifiable health care information, promises to protect such information and to return or destroy it at the end of the contract, and assurances to make such information available for compliance purposes. If a covered entity knows that its business associate has violated these provisions, the covered entity must take reasonable steps to correct the problem and terminate the contract (in most cases) if such steps fail.

The rule permits compliance reviews by HHS and the filing of complaints by individuals, which HHS may investigate. HIPAA authorizes both civil and criminal penalties, including significant fines and imprisonment.

Compliance

The Healthcare Insurance Portability and Accountability Act (HIPAA) of 1996 and the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 have established tough standards for security within the Healthcare industry.

These new standards are aimed at protecting Electronic Health Records (EHR), Personal Health Records (PHR), and Protected Health Information (PHI). Hospitals, clinics and other healthcare providers are now directly responsible for security violations occurring within their or their business associates’ organizations.

HIPAA and HITECH include various requirements that are often grouped into two main categories:

  • Security Rules
  • Privacy Rules

Security Rules describe how healthcare providers should protect access to sensitive information, such as PHR or PHI. Privacy Rules determine patients’ rights to confidential treatment of their health-related information and specify the duties healthcare providers have to ensure such confidentiality.

The consequences of not complying with HIPAA or HITECH are significant. These may include civil and criminal charges, fines, obligations to notify the public or even the media of the incidents, and more. In some cases, these fines have been substantial. For example, in February of 2011 a $4.3 million penalty was imposed against Cignet Health in Prince George County, Maryland, for violating HIPAA patient access rights. But individuals are also liable as Dr. Richard Kaye of Virginia recently found out. On June 21, 2011 he was indicted on three counts of HIPAA violations. If convicted, under § 1320d-6(b)(2), Dr. Kaye could face a fine of up to $100,000 and up to five years in jail.

Because this legislation anticipates a massive expansion in the exchange of electronic protected health information (ePHI), the HITECH Act also widens the scope of privacy and security protections available under HIPAA; it increases the potential legal liability for non-compliance; and as the aforementioned indicates, it provides for far more enforcement.

To avoid the potential pitfalls of this more stringent regulatory, Zvetco Biometrics provides the key ingredients that enable any Healthcare institution to reduce costs, increase speed/efficiency and achieve compliance with all current and future regulations. Among these are:

  • Biometric identification of employees with a history of insider fraud or other criminal activities – Biometric enrollment for employees is much easier as it can be accomplished as part of the hiring process by Human Resources or performed locally at branches using the same equipment as for customer enrollment. Further, employee identification can be used in conjunction with a fraudster database as part of the financial institution’s background check to ensure that new hires are not previously identified fraudsters.
  • Shifting the organization’s reliance away from passwords and tokens – This reduces the high risk associated with passwords and the danger of credential or token sharing (biometrics, unlike passwords or tokens can’t be shared) to enable employees to gain access to resources to which they don’t have the authorizations or entitlements.
  • Efficient employee authentication for automatic password and/or account reset, helping to greatly reduce help desk costs.
  • Employee verification for a higher degree of authenticity, strengthening the organization’s access control practices, which reduces or eliminates regulatory liability
  • Insider threat deterrent – Biometrics can be used to better track employees to ensure that only the properly authorized individuals are performing their duties during the appropriate times at the appropriate locations. Biometrics also makes one think twice before considering or attempting a fraud.

Zvetco’s tools provide the key authentication ingredient in delivering the required security to meet and exceed HITECH requirements. When mated to one of our waterproof readers, which allow for frequent disinfecting daily they create a simple, germ-free way to lock down desktops, laptops, networks, web applications and the electronic health records of all patients. Most important, Zvetco’s technology enables healthcare organizations to qualify for lucrative federal funds to subsidize their investments in this technology.

Compatible with Match-On-Card

Zvetco embraces industry standards we are proud to say that we offer compatibility with the top MoC solutions in the market today; Gemalto’s .Net Bio/Protiva™ and Oberthur’s ID-One™ PIV and PIV-I cards. This gives you, the end user, tight integration with the leading Match-on-Card solutions in the market today.

Zvetco Recommended HIPAA Solutions

» Authasas Enterprise Edition
This network security solution (client server) provides enterprises with a very secure & centralized biometric Verification & Identification system. The Authasas uses a multi-factor authentication for functionality of windows logon, SSO (Single-Sign-On) and File / Folder encryption. It also integrates tightly to Citrix at the XenApp level to create an impenetrable barrier around your applications (Web & Client Server), data bases of Electronic Health Records (EHR) and other frequently accessed programs such as e-mail, word processing, spreadsheets, etc.

» P5100
The P5100 is the newest USB desktop device in the Verifi series of fingerprint readers. It uses the AuthenTec TCS1 sensor, the largest silicon sensor available, to give it the ability to be used in a wide variety of applications.

» P2000
This network security solution (client server) provides enterprises with a very secure & centralized biometric Verification & Identification system. The Authasas uses a multi-factor authentication for functionality of windows logon, SSO (Single-Sign-On) and File / Folder encryption. It also integrates tightly to Citrix at the XenApp level to create an impenetrable barrier around your applications (Web & Client Server), data bases of Electronic Health Records (EHR) and other frequently accessed programs such as e-mail, word processing, spreadsheets, etc.