LuxSci: Secure HIPAA-Compliant Solutions
Secure HIPAA-Compliant Communication Solutions from LuxSci
Lux Scientiae – or LuxSci for short – is an industry-leading provider of reliable, HIPAA-compliant communication solutions. Founded in 1999 and based in Massachusetts, the company has grown from designing high-quality, detail-orientated, web-based infrastructures to a global organization delivering elegant and scalable email, web hosting, and text messaging solutions.
In the US, the company´s focus is primarily directed towards the healthcare industry – where the requirements of HIPAA demand robust data security, yet where the requirements of users are efficiency and ease-of-use. Consequently, LuxSci communication solutions for the healthcare industry are built to be HIPAA-compliant, yet productive and intuitive to use.
HIPAA Compliant Email
Other than verbal communication, email is the most commonly used communication channel in healthcare. However, when emails containing ePHI are sent beyond a firewall-protected internal email server, they are subject to HIPAA regulations relating to access controls, audit controls, integrity controls, ID authentication, and transmission security.
LuxSci secure email satisfies all HIPAA regulations and security requirements in order to ensure the integrity and security of ePHI. In addition, LuxSci secure email can be provided with customizable email filtering, virus scanning, and protection against malicious emails and phishing attacks. The solution also enables emails to be synchronized with calendars, contacts, tasks, etc.
- Highly-configurable email encryption
- Access controls and login audit trails
- Automatic system logoff capabilities
- Remote device wipe
- Redundant backups and email archival
Additional information here: https://luxsci.com/hipaa-compliant-email
HIPAA Compliant Hosting
Any healthcare organization with a web site should ensure the web site is being hosted in compliance with HIPAA. When web hosting services are outsourced, this means the company providing the hosting services has to comply with the same technical, physical, and administrative safeguards of the HIPAA Security Rule as apply to – for example – an EMR.
LuxSci´s dedicated HIPAA-compliant web hosting services provide a “protected island on the web” in which servers are secured and monitored, patch management is taken care of, and backups are automatic. Healthcare organizations can take advantage of off-the-shelf web hosting solutions, or customize solutions for volume, availability, security, and business continuity.
- Facility and network intrusion detection systems
- Protection against Dedicated Denial of Service (DDoS) attacks
- Redundant, load-balanced web/application servers
- System isolation and capacity scaling
- Encrypted SAN storage arrays
Additional information here: https://luxsci.com/hipaa-compliant-hosting
HIPAA Compliant Forms
How healthcare organizations collect, process, and store data via a web site is also subject to HIPAA regulations. Many types of web form are not HIPAA-compliant because they either submit data via unencrypted channels or store it in unencrypted databases. Even when these conditions are met, it is still important data is secured against unauthorized access and that all access is logged.
LuxSci´s SecureForm service is a full-featured form solution designed for HIPAA compliance and business-critical data collection. The service can be used to secure existing web forms or to create engaging PDFs and web forms, and it gives organizations a choice of how data is collected, the format in which it is received, and where it is saved.
- Minimal programming knowledge required
- Detailed reports of successful and failed submissions
- Full audit trail of data views, amendments, and deletions
- Anti-virus scanning of all uploaded forms
- Limit, deny, or allow form posts by IP address
Additional information here: https://luxsci.com/hipaa-compliant-forms
HIPAA Compliant Text Messaging
Text messaging is generally not permissible under HIPAA because – among other reasons – the risk exists ePHI can be disclosed without authorization if a mobile device is lost, stolen, or left unattended. Exceptions exist when safeguards are built into text messaging apps, but there are scenarios in which app-based systems are not suitable for all healthcare communications.
HIPAA compliant text messaging from LuxSci overcomes this issue by enabling healthcare organizations to send an SMS message from an email account to the recipient´s mobile device. The SMS message contains a link to a secure web page on which ePHI is located; but, in order to the ePHI, the recipient must provide a password or PIN number.
- Data never transmitted directly in raw text messages
- Data not stored on recipient´s mobile device
- ePHI can be retracted and wiped at any time
- Password-based recipient authentication
- Audit trail of recipient logins and message access
Additional information here: https://luxsci.com/extranet/secure-text.html
Secure Video Conferencing
In the context of video conferencing, two events happened during the COVID-19 pandemic. First of all there was a massive increase in healthcare organizations using video conferencing systems to provide telemedicine to patients. This prompted the second event – the HHS announcing enforcement discretion for the non-compliant disclosure of ePHI using unsecure video conferencing systems.
It is important to note the HHS` enforcement discretion is only temporary; and, as good as systems such as Zoom and Google Hangouts are, there are security risks attached to using them. Furthermore, organizing consultations over these systems can be time-consuming and inefficient, whereas LuxSci´s secure video conferencing system enhances productivity in many different ways.
- Patients and physicians can schedule appointments and receive SMS/email reminders
- Healthcare organizations can activate a queueing capability for remote walk-ins
- LuxSci´s secure video conferencing system can accept pre-payments from patients
- System logins and user actions are logged for auditing and compliance purposes
- Media streams run point-to-point by default to prevent man-in-the-middle infiltrations
Additional information here: https://luxsci.com/secure-video-conferencing
Further Information about Secure HIPAA-Compliant Communication Solutions
For further information about secure HIPAA-compliant communication solutions from LuxSci, please use one of the contact methods listed below.
P.O. Box 326
Toll-Free Phone: 800-441-6612
International Phone: +1-339-368-5641