To help enterprise-class customers meet HIPAA and other data compliance requirements, Milwaukee-based PKware Inc. has unveiled SecureZIP for the IBM zSeries and iSeries. SecureZIP enables organizations to encrypt and compress data for storage and transfer.
IT managers are concerned with one part of the Health Insurance Portability and Accountability Act. HIPAA mandates that health care providers and anyone else who deals with patient health care data to use security mechanisms to ensure confidentiality and data integrity for any information that identifies an individual.
"HIPAA doesn't just affect health care providers," said Steven Crawford, PKware's chief marketing officer. "Any company's human resources department has to follow HIPAA guidelines."
The most recent compliance deadline was April 21, 2005. And while HIPAA requires companies to secure their data, the act does not tell companies how they should do it.
Robert Burgess, IS project lead at Wisconsin-based Aurora Health Care, had known HIPAA was coming for a long time. But he needed something to keep data secure, and at the same time, keep it accessible to the government agencies and other organizations that work with his company.
"Some people send data on tape or from a secure FTP site," Burgess said. "And for a long time, a lot of files were written to tape and then couriered to a location. We still have one state agency where we need to do this."
According to PKware, people tend to think of mainframe or iSeries security as keeping people from the machines, rather than distributed data. But increasingly these machines are connected to external constituents through open networks, to partners and to the supply chain. Also, because of the increased amount of data being stored, tapes are being taken off site for storage. The data is not staying in the data center anymore.
And while the transfer of data must be secure, it also must interact with a number of organizations running different technologies. Burgess has to deal with multiple operating systems, including AIX, Sun Microsystems and zOS. The SecureZIP format allows organizations to send information across platforms. The only platform Burgess deals with that doesn't use SecureZIP is Hewlett Packard VMS.
PKware said SecureZIP files can be opened by any platform for which PKware has developed a SecureZIP product, including Unix, Linux and Windows. In fact, the company previously launched the product for Linux, Windows and Unix servers in fall 2004, and is just now releasing the iSeries and zSeries versions after beta testing.
PKware invented the zip file format 20 years ago for the PC market. According to the company, its .zip format is on 95% of PCs. In the 1990s the company began developing compression products for enterprise servers.
According to Peter Lindstrom, research director at Penn.-based Spire Security LLC, encryption does increase file size, so it makes sense to combine compression and encryption.
"It's a space saver and it provides security," Lindstrom said.
As more and more regulations demand encryption and other security measures, the need for this type of product will only grow. It's not a foolproof plan to keep patient data safe, but according to Lindstrom, encrypting data is a lot safer than not encrypting it.
Let us know what you think about the story; e-mail: Matt Stansberry, News Editor