Sophos supports your HIPAA compliance efforts.

HIPAA regulations require covered entities to protect the privacy and security and individual’s protected health information (PHI) among its other requirements. Sophos solutions protect sensitive healthcare data through its entire lifecycle (data at rest, in motion, in use, and disposal) and everywhere the organization interacts with that sensitive data. 

Next-gen network security to secure access
and transmission of patient data.

  • Powerful Network Security

    • Ultimate firewall performance, security, and control

    • Next-gen firewall features, user-based policies and controls, synchronized security, encryption, DLP, and more

    • Complete visibility into network, users, and applications

    • User Threat Quotient (UTQ) reports point out users putting security at risk

  • Wireless Protection

    • Built-in wireless controller in Sophos UTMs keeps wireless users secure

    • Prevent rogue users from connecting to your Wi-Fi network while avoiding detection

    • Get source and destination of WLAN traffic by username

  • User-Based Access Controls and Monitoring

    • User-based policies to manage web access for users

    • Block inappropriate content; implement time and bandwidth-based quotas for users

    • User-activity snapshot with real-time alerting

    • Integration with Sophos Endpoint Protection for persistent security even off-network

    • Extensive user- and device-based reporting for mobile users

    • Separate personal and work data on mobile devices in secure containers

  • Secure Data Transmission

    • Policy-based encryption for VPN tunnels to protect PHI in transit

    • Persistent, by-default data encryption with SafeGuard across platforms and devices as soon as it's created

    • Transparent, unobtrusive SafeGuard encryption stays on when data is emailed or uploaded to cloud-based file sharing programs

    • Sophos SPX encryption, encapsulating email content and attachments into a secure, encrypted PDF for security over email

Protection of patient data,  
wherever it's stored or accessed.

Patient Data Protection

Sophos SafeGuard Enterprise offers persistent encryption that goes everywhere your data goes. Synchronized Encryption proactively protects your data by continuously validating the user, application, and security integrity of a device before decryption.

Data Protection on Lost and Removable Devices

SafeGuard ensures the safety of your PHI on lost or stolen devices. It seamlessly manages keys and recovery functions on BitLocker- and FileVault 2-encrypted drives from the SafeGuard Management Center. It automatically and transparently encrypts files on removable media such as USB sticks, memory cards, and CDs/DVDs.

Secure Collaboration

Sophos SafeGuard synchronizes keys with Sophos Mobile, giving you secure access to encrypted files on the go. Using Sophos Mobile’s Secure Workspace app on a trusted device, users can view, access, and share encrypted data securely without requiring a password.

Secure PHI within email

Sophos SPX email encryption and Sophos content-aware data loss prevention enable you to block malware and spam while supporting efforts to comply with requirements for the encryption of sensitive data in email. SPX also comes with access to the SophosLabs-managed library of sensitive data definitions, including a HIPAA category, which provides detection of PHI, FDA approved drugs, and ICD-9 classified drugs.

Integrated protection against advanced threats.

Synchronized Security

Our revolutionary Security Heartbeat links your endpoints and your firewall to combine their intelligence and identify compromised systems in your network. The Heartbeat status is integrated into security policy settings to instantly trigger actions at both endpoint and network levels to isolate or limit access until systems are healthy again.

Next-Gen Threat Defense

Our powerful, cloud-based Sandstorm technology keeps you protected against APTs, zero-day, and unknown threats quickly and accurately. Detect, block, and respond to evasive threats that other solutions miss with Sophos Sandstorm. Fully integrated into your Sophos security solution, Sophos Sandstorm keeps unknown data-stealing malware off your network.

Continuous Security

SophosLabs, our global network of highly skilled and thoroughly trained analysts, work around the clock with advanced automation to identify and stay ahead of the latest threats. SophosLabs provides continual intelligence updates on the latest malware hosting, phishing, and distribution sites as well as anonymizing proxies and other risky sites. Only Sophos provides updates in real time via our Live Protection network.

What are you waiting for?

Let our experts at Sophos help to build the right solution for your needs.

This is not an exhaustive review of all elements of the Regulation, nor is it legal advice. Please consult your own legal experts if required.