Reso-Med upgrades personal data protection

On June 19, 2014 the IBS group announced execution of works on improvement of a system of personal data protection in the distributed branch network of RESO-MED Medical Insurance Company LLC.

Project Tasks

The company processes personal data of the insured persons. Structural divisions of the company interact with the territorial funds of compulsory health insurance (TFCHI), the medical organizations (MO), the authorized organizations of subjects (AOS) for service of the universal electronic cards (UEC), the Medical Information and Analytical Centers (MIAC) of the subjects of the Russian Federation.

By the time of the beginning of the project in the company key measures of protection of personal data worked and documents on data protection are developed, however, a system needed upgrade. During preliminary study of the project made the decision - to combine this project with reorganization of a corporate data network by means of which to provide the protected interaction between all subjects and participants of a system of compulsory health insurance according to requirements of the legislation of the Russian Federation about security of information and personal data protection.

Project Progress

Specialists of IBS company the drawing project solution for security of personal data is developed, means of protecting are delivered and implemented in branches of the customer. The packet of the organizational and administrative documentation regulating an order of processing and personal data protection is improved.

Project Results

The uniform protected data network of the customer on the platform of the products ViPNet is upgraded. Branches are connected to networks of TFCMI, MO, UOS UEK and MIAC in the mode of network interconnection. In branches of the company the isolated network segments with the different level of security of personal data are selected. Other information security tools in branch networks and in workplaces of end users are unrolled.

Now the IBS company performs technical maintenance of operation of the upgraded system.

Andrey Titov, the head of directorate on information technologies and information security, noted: "This project was complicated by the fact that it was required to provide transition to new model of interaction of branches with each other and with the external organizations, without interrupting business processes of the company. IBS successfully carried out project tasks, coped with all complicating factors, and put the working system into commercial operation. In a project deliverable our company received not only implementation of mandatory requirements on personal data protection, but also new opportunities for development of IT at the expense of a coherent corporate data network".

Dmitry Romanchenko, director of department of information security of IBS company: "This project – one of examples of complex approach to a task when the problem of information connectivity of branches of the customer is solved together with a problem of personal data protection in each of them. For us it was extremely important to implement for RESO-Med Medical Insurance Company LLC not only the system of personal data protection, but also to ensure safety of data transmission according to requirements of the legislation".