HIPAAT presents its Consent Management Software in Washington

press release | February 21, 2007

HIPAAT Simplifies Privacy Consent Integration for All Electronic Health Networks

Consent aggregation solution empowers patients and accommodates system privacy policies

TORONTO, ON - February 21, 2007 - HIPAAT Inc. (HIPAAT), a leading provider of healthcare IT privacy and security software, today announced the completion of its consent aggregation solution with new application interface (API) functionality. The product set will be demonstrated at the upcoming HIMSS Annual Conference (booth 7020) in New Orleans, Louisiana, February 26 - March 1, 2007, and provides all health information stewards - from care delivery organizations (CDOs) to regional and national health networks - the ability to securely integrate privacy policies and patient consent directives at a granular level.

Safeguarding patient privacy has become more complex with the evolution of electronic health information. "In healthcare, the ultimate solution for protecting patient information would be to provide case-by-case access controls to ensure the patient has complete power over whom and when their data is used," stated the EHR Vendor Association’s Interoperability Roadmap v 2.0 of October 2006.

HIPAAT's solution simplifies consent management, functioning across disparate applications to enable: CDO health networks to control organizational privacy policies; patients to block access to some or all of their electronic health information (PHI) on a case-by-case basis; caregivers to have override ‘break the glass’ access to PHI; a secure, centralized audit trail; and automatic and immediate breach reporting to the privacy officer through e-mail alerts.

"There is a rapidly growing demand for healthcare IT to accommodate patient, organizational and jurisdictional privacy directives," said Terry Callahan, managing director of HIPAAT, "and vendors acknowledge they cannot satisfy the need for many years to come. HIPAAT is committed to meeting the demand now, and can assist both vendors and end users today in accelerating their timeline to address this very important issue. Our consent aggregation products integrate these privacy directives in cutting edge and legacy health networks, regardless of size."

Components of the solution include Privacy eSuiteTM, the server (service-oriented architecture) where consent directives are defined and automated, Universal Audit RepositoryTM, the stand-alone repository of PHI access events and source of privacy breach alerts, and Privacy ManagerTM, client software controlling user access to PHI based on patient and system directives.

In hospitals, HIPAAT's consent aggregation solution functions elegantly in HL7 CCOW environments or via simple API. It follows industry guidelines including those established by Canada Health Infoway (CHI) and Integrating the Healthcare Enterprise (IHE).

About HIPAAT Inc.

HIPAAT provides innovative IT privacy and security solutions to the healthcare industry. Our focus is empowering patients and care delivery organizations through consent aggregation - the integration of patient privacy requests and system-wide privacy policies. Our comprehensive, standards-based products enable organizations to safeguard patient health information, across the organization and around the globe. For more information, visit www.hipaat.com.

-30-

Media Contact:

Christine Callahan, (905) 405-6299, media@hipaat.com