Federal Government Agency Secures Sensitive Information Exchanged with External Business Partners, at No Cost to Partners

 

Industry

  • Federal Government

Customer Profile

  • Federal agency under Department of Health and Human Services
  • Provides guidance for the administration of health care financing programs and policies
  • Implements insurance reform provisions of HIPAA

Challenges

  • Meeting data security standards and compliance requirements, including FIPS 140-2 and OMB M-06-16
  • Securely exchanging data with external business partners

PKWARE® Solution

  • SecureZIP PartnerLink™ for z/OS®
  • SecureZIP PartnerLink for Windows® desktop

Results

  • Secured information exchange with external business partners, at no cost to partners
  • Met FIPS 140-2 and OMB M-06-16 compliance requirements

Company Background

A Federal agency under the Department of Health and Human Services (HHS) provides direction and technical guidance for the administration of the Federal effort to plan, develop, manage, and evaluate health care financing programs and policies. Along with the Departments of Labor and Treasury, the agency also implements the insurance reform provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Challenges and Requirements

Our client is in possession of vast amounts of medical data and patient records for each person enrolled in the Medicare program, spanning a time frame of several years. As a result of data security standards and requirements, such as OMB M-06-16 and FIPS 140-2, it was absolutely critical that they find a solution that would comply with these mandates and allow them to continue exchanging sensitive data with numerous external business partners.

Each month, the agency transmits thousands of tapes/CDs containing sensitive Personally Identifiable Information (PII) to hundreds of endpoints, including research labs, universities, large business partners, and other government agencies. Data is placed on a tape or burned onto a CD directly from the mainframe and sent to partners with operating platforms ranging from z/OS® mainframes to Windows® desktops.

Our client faced two major challenges when trying to send sensitive data to partners: 1) many of the institutions receiving the data do not have an IT support staff; and 2) these institutions do not have the funding to purchase a decryption tool.

Due to the mixture of platforms and end-user expertise, it was essential that the recipient community react favorably to the chosen solution and adopt it into their processes. The agency required a cost-effective solution that could take the disparate mix of partners and IT environments into account and extend a solution that would be easy to deploy and use. The solution also required the secure, efficient exchange of critical business information with little to no interruption at the origin or endpoint(s).

The Solution - SecureZIP PartnerLink

SecureZIP PartnerLink was deployed at three data centers on multiple mainframes and on multiple open systems environments (UNIX®, O/S®, and Windows). It provided the lowest risk, highest performance, and the easiest integration and support options for the agency’s existing infrastructure, allowing daily operations with partners to continue without interruption.

SecureZIP PartnerLink allows the agency to distribute an unlimited number of SecureZIP Partner licenses at no cost to their partners. Being a “no cost” solution furthered partner acceptance and eased the adoption process. The agency can now effectively protect the data at the file level, making it impossible for anyone except authorized personnel to access it, whether the data is at rest or in transit. They are also able to extend their security policies, regardless of the number of endpoints or computer environments involved in the exchange.

In addition to meeting the agency’s critical need of securely exchanging data with external business partners, SecureZIP also met each of their other requirements. Because SecureZIP is transport independent, it is capable of encrypting data onto mainframe tapes as well as other forms of data movement (e.g., CD, DVD). SecureZIP will create the encrypted .zip archives, which can then be transferred to the media of choice via the standard method of writing.

The agency was also looking for a solution that would utilize the mainframe encryption coprocessor as well as support the AES encryption standard. SecureZIP provides a cross-platform security solution that offers encryption, digital signing, and authentication, both outside and within the IBM® hardware cryptographic environments. It also supports the AES encryption standard.

While SecureZIP allows for encryption of data exchanged with partners, it also provides for the use of an unlimited number of contingency keys, which can be added to any encrypted .zip file created on any platform. These contingency keys provide access to the encrypted archives should the primary key or passphrase be lost or compromised. SecureZIP supports the use of PKI certificates that comply with the X.509 certificate standard, and passwords or passphrases can be added in conjunction with digital certificates.

SecureZIP PartnerLink provided the agency with a solution that met all of their requirements and eliminated the exposure risk of exchanging sensitive information with external business partners. They are extremely pleased that not only are they exchanging information securely with current partners, but SecureZIP PartnerLink allows them to extend the same solution to new partners as they are added.