Protecting personal health and identity information is paramount within the healthcare industry. At Okta, we partner with HIPAA Covered Entities and their Service Providers to secure this very data, while enabling these partners to quickly innovate and remain leaders in the industry. To better serve the highly-regulated and security-conscious healthcare industry, we’re pleased to announce Okta’s HIPAA Compliant Service instance.
Security is the number one priority for healthcare IT as the industry grapples with constant threats and growing costs of breaches. A new study from the Ponemon Institute revealed that nearly 90 percent of the healthcare organizations surveyed experienced a data breach in the past two years. And regulatory bodies are trying to keep up: the HHS Office of Civil Rights (OCR) regularly releases guidelines and updates to help covered entities confront a breach. Companies are being more scrutinized than ever and yet, regulatory requirements are not one-size-fits-all. Organizations need to implement policies and procedures tailored to their work, size, and openness, but still meet requirements to keep sensitive data encrypted and protected from hackers and security breaches.
Introducing our HIPAA service is another move towards achieving the most important security compliance standards and providing our customers in healthcare with the most secure platform. As we discussed with CRN earlier this year, we currently have an official In-Process status with the Federal Risk and Authorization Management Program (FedRAMP) Medium authority to operate (ATO). The government-wide, standardized approach to security assessment, authorization and continuous auditing enables us to work with federal agencies interested in identity and mobility management.
Last year, we obtained ISO 27001 certification, and we were the first and only IDaaS company to achieve the Cloud Security Alliance (CSA) Security, Trust, & Assurance Registry (STAR) Level 2 Attestation. On top of these certifications, our new HIPAA compliant cell demonstrates our commitment to provide the highest standards of security and availability to our thousands of enterprise customers.