SANTA CLARA, CA: NextBio announced today that their newly launched NextBio Clinical platform has successfully passed an independent 3rd party audit of NextBio’s security controls, meeting HIPAA (the federally mandated Health Insurance Portability and Accountability Act) requirements. NextBio demonstrated the implementation of physical, technical, and administrative controls to assure the confidentiality, integrity, and availability of electronic protected health information (ePHI) in its cloud-based NextBio Clinical platform. This successful HIPAA audit enables NextBio Clinical to host protected patient information as it integrates electronic medical records (EMRs) to further the use of genomics for translational medicine and research, as well as in the clinic. NextBio offers the world’s largest repository of curated and correlated molecular and clinical data.

HIPAA sets the standard for protecting personal health information (PHI) pertaining to health status, provision of health care, or payment for health care that can be linked to an individual. HIPAA interprets such information broadly to include any part of an individual’s medical record or payment history.

“Security is a very high priority for us, as everyday our big data platform deals with large volumes and a wide variety of public and private molecular data from our customers and partners,” said Dr. Satnam Alag, chief technology officer and vice president of engineering at NextBio. “We have made significant investments towards meeting HIPAA requirements, and NextBio is committed to a continued focus on all aspects of data security. The automated logging of access to patient information, encryption of log parameters, real-time administrator audit facilities, and encryption of ePHI are a few key features that distinguish our implementation of HIPAA.”

Other important features of NextBio’s HIPAA implementation include:

• Protection against any reasonably anticipated threats or hazards to the security or integrity of protected information.

• Protection against any reasonably anticipated uses or disclosures of such information that are not permitted or required by the privacy rule.

• Compliance by NextBio’s workforce.

• Customized authorization of access to ePHI by client organizations.

• Real-time ePHI access report generation, enabling the client to immediately review who, what, and when ePHI was accessed; no delays requesting and waiting for logs.

• Encrypted ePHI data.

• Location of ePHI in Tier 1 Data Center using a provider that is SSAE16 Certified.

NextBio’s successful passing of an independent HIPAA audit validates the instituted safeguards that enable NextBio Clinical to analyze molecular data and related clinical health information from linked EMRs. NextBio provides its products and services to clinical centers, pharmaceutical and biotechnology companies, and research institutions serving the full spectrum of life sciences research, from the laboratory to translational research to the clinic where meeting HIPAA requirements is mandatory.