Change Healthcare Intelligent Healthcare Network, today unveiled “BYOK” and “kill switch” technology to help payers and providers control security and respond to threats quickly and decisively. The new BYOK service ncludes an innovative “Bring Your Own Key” (BYOK) service now offered as part of the company’s cloud-based HealthQx® value-based care analytics suite.
Prior to today’s release of this new Change Healthcare Security Management BYOK service, cloud encryption keys in healthcare were traditionally the responsibility of solution vendors to manage. Providers and payers had to contact their vendors to respond to requirements large and small, including routine key updates, revocation of employee clearances, perceived threats, or actual attacks and breaches. This outdated, manual process costs payers and providers valuable time and can have an impact on data being compromised or remaining secured.
This new BYOK capability in the Change Healthcare Security Management suite lets payers and providers create, update, or revoke encryption keys on demand, enabling rapid responses when potential or active threats to sensitive data in the cloud are anticipated or encountered. Payers and providers can invoke a virtual “kill switch” that instantly stops access to protected data and services and can re-enable access within minutes using a new encryption key—effectively blocking active threats.
Change Healthcare HealthQx is an episode analytics suite that helps payers and providers accelerate value-based payment innovation, and uses the Microsoft Azure cloud. HealthQx collects, analyzes, and reports claims and other information to help healthcare stakeholders design, develop, scale, and improve their value-based care programs.
As part of Change Healthcare’s approach to enabling payers and providers to have immediate, granular control over their cybersecurity profile, customers using the HealthQx value-based care analytics suite can now make security changes without involvement by Change Healthcare personnel, and have their cloud-based systems re-encrypted and operational without service interruptions.
Full control is in the customer’s hands, including audit and monitoring checks that flag changes. This agile capability is in stark contrast to traditional key management, which is error-prone because it requires planning, training, communication, and orchestration with a team of people manually working across multiple organizations.
All of these processes are automated, fast, and invisible to anyone appropriately authorized to use the HealthQx suite within the Change Healthcare Intelligent Healthcare Network, and encompasses all current operations: jobs, applications, and user interfaces. Now the power to control access and security with agility is entirely in the customer’s hands.
“Transparent data encryption with Bring Your Own Key capabilities helps organizations better protect sensitive data and meet regulatory and industry-specific compliance obligations which require specific key management controls,” said Lindsey Allen, Partner Group Program Manager, Azure SQL Database R&D at Microsoft. “We integrated this technology in Azure SQL Database so that we could help ensure that the sensitive data of users was protected in a compliant manner.”