SecureLink Launches Healthcare-Specific Vendor Privileged Access Management Solution

The vendor privileged access management (VPAM) solution provider, SecureLink, has launched SecureLink for Healthcare: A healthcare-specific centralized solution for managing third-party access to internal systems.

SecureLink’s new offering has been developed to meet the needs of organizations required to comply with the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

SecureLink for Healthcare

The platform allows administrators to easily provide and carefully control access to internal systems, applications, and resources, including restricting access to systems containing ePHI. The platform creates a HIPAA-compliant, detailed audit trail that includes the logging of all keystrokes by vendors and videos of their activities while remotely connected to internal resources, at both the vendor and vendor user level. The platform provides full visibility into all business and clinical applications, such as EHR systems, for compliance with HIPAA, the HITECH Act, PCI, and other regulations.

The platform includes a best practices module that monitors system settings and sends automated alerts to administrators when any changes are made that could impact compliance or change the organization’s security posture.

SecureLink for Healthcare

“Ransomware and other cyberattacks have continued to escalate in the healthcare industry, which spurred us to create this unique offering for organizations that currently use ad hoc or less secure methods for remote third-party access,” said Rob Palermo, vice president of product management and strategy for SecureLink. “We’ve taken our 17 years of experience working with healthcare systems and created a platform and implementation process that meets the specific needs of healthcare organizations and protects them against the growing threats.”

SecureLink offers customized implementations to meet the needs of HIPAA-covered entities and HIPAA business associates of all types and sizes. The company also offers workflow consulting to provide all documentation required by HIPAA on vendor remote access workflows. Full support is given for setting up the PCI and HIPAA compliance features, and online training is provided via the “SecureLink University” to ensure the solution is configured correctly and to assist employees tasked with administering the solution.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.