PKWare Inc. announced Tuesday that the new version of its PKZip for OS/400 features enhanced security capabilities, giving users the ability to transmit sensitive information securely while achieving compliance with federal privacy regulations, such as those set forth by HIPAA and the Gramm-Leach-Bliley Act.
Both laws are putting the squeeze on administrators to maintain and secure documents.
"Businesses are under increasing pressure to take the necessary steps to protect privacy as they make greater use of more efficient electronic information processing," said Steve Crawford, chief marketing officer of the Brown Deer, Wis.-based PKWare.
According to Steve McDonald, system analyst for Fiserv Health-Tennessee, who uses PKZip for the hundreds of files he sends from his AS/400 to customers daily, the new encryption features make it easy to send confidential information in a secure manner without a high price tag.
"And it helped us achieve HIPAA compliance," he said.
The privacy provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which takes effect in April, protect electronically stored medical records and other personal health information created or maintained by health care-related companies, ranging from doctors' offices to insurance companies.
Under the privacy provisions of the Gramm-Leach-Bliley Act, also known as the Financial Services Modernization Act of 1999, banks, credit card companies and any other financial institution that provides financial products or services to consumers must ensure the security and confidentiality of customer records and protect against any threats to the security or integrity of that data.
To improve administrative efficiencies and maximize storage capacity of its AS/400 system, Fiserv wanted to find a solution that would enable the company to transmit claims information quickly, that provided interoperability between disparate enterprise systems and that allowed the company to archive the files without using too much space on the AS/400.
Additionally, Fiserv was looking for a security solution that would help the company meet the privacy requirements of HIPAA and which could also be widely adopted by its client base.
"Security is starting to come into play with the new HIPAA regulation," McDonald said. "Right now, we send out several e-mails that are password protected. Everybody's got Zip. With this new product, they don't have to buy a new product. With new encryption, we'll further extend that security and meet those [HIPAA] requirements."
The company initially began using PKZip to compress data before sending it to its clients, and wanted to supplement this solution with PKZip's new strong security features. Because of the size of some of the files as well as the limited hard drive space of many of his customers, McDonald said, he needed to get files down to "the smallest size possible."
McDonald said Fiserv is able to process claims on its AS/400 system and send the data to various clients on platforms like Windows and MVS in a secure manner, while minimizing the impact on bandwidth and storage.
Zip files are used throughout the industry to compress data and thereby reduce file sizes. Reducing the file size means reducing bandwidth, storage requirements and transmission times.
PKZip uses encryption technologies such as 256-bit Advanced Encryption Standard (AES).
AES is a Federal Information Processing Standard (FIPS) developed for use by federal government organizations to protect sensitive but unclassified information. The standard is widely expected to gain broad industry support.
Strong AES encryption guarantees the highest level of data security, both during transmission and while stored in the compressed archive, experts say.
PKZip for OS/400 with strong AES encryption is available now, and the cost depends on server configuration. The encryption option may be licensed with PKZip for OS/400.