Transportation Security  | Physical Security  | Penetration Testing  | Firewall Pro  | Network Security  | S.C.A.D.A.  | H.I.P.A.A.  | eBanking  | Kids' Password  
InfoSecPro.com


InfoSecPro.com is providing corporations with leading edge computer and network security solutions.
Our staff of Certified Information Systems Security Professional (CISSP), Microsoft Certified Systems Engineer (MCSE) and Cisco Certified Network Associates (CCNA) will provide the best, cost effective security solutions.

 

Let us configure your network infrastructure to provide you with the security level you need.

Contact us at:

InfoSecPro.com
PO Box: 291
Purchase, NY 10577-0291
732-763-2814
tibi@infosecpro.com
www.infosecpro.com

H.I.P.A.A.
Top


The Health Insurance Portability and Accountability Act (HIPAA) requires the United States Department of Health and Human Services (DHHS) to develop standards and requirements for maintenance and transmission of health information that identifies individual patients. These standards are designed to improve efficiency and protect the security and confidentiality of electronic health information.

The HIPAA regulations are impacting healthcare in five major areas:

  • Standard transactions
  • Standard code sets
  • Uniform identifiers
  • Privacy standards
  • Security standards

Privacy and security regulations will be the most difficult and costly to implement and maintain. These regulations are broad in scope, less definitive and require constant monitoring for ongoing compliance. Short implementation timeframes, additional staffing requirements and the requirements for a third party security network vulnerability assessment require that you look outside your organization for assistance.

The Health Insurance Portability and Accountability Act (HIPAA) guidelines only give general information about what is expected of healthcare providers. It provides guidance but provides no details about specific security practices. That is where the healthcare providers will need the most our security expertise, since they'll use that information to decide how to best proceed in protecting their critical information and systems.

The security assessment will include the evaluation of:

  • Administrative Safeguards
    • Security Management Process
    • Assigned Security Responsibility
    • Workforce Security
    • Information Access Management
    • Security Awareness and Training
    • Security Incident Procedures
    • Contingency Plan
    • Evaluation
    • Business Associate Contracts and Other Arrangements
  • Physical Safeguards
    • Facility Access Controls
    • Workstation Use
    • Workstation Security
    • Device and Media Controls
  • Technical Safeguards
    • Access Control
    • Audit Controls
    • Integrity
    • Person or Entity Authentication
    • Transmission Security
  • Organizational Requirements
    • Business Associate Contracts and Other Arrangements
    • Requirements for Group Health Plans
  • Policy, Procedures, and Documentation
    • Policy and Procedures
    • Documentation

InfoSecPro will validate your network against the corporate security policy and known Internet attacks. Risk analysis will be performed using the industry standard risk profile matrix. The Security Analysis Report will document any exploits found. The Security Analysis Report will suggest possible security solutions to alleviate the vulnerabilities.

ISO 17799, the Code of Practice for Information Security Management, is a standard which describes a management framework within which an organization can examine and improve its security posture.

Some of potential vulnerabilities and suggested countermeasures are included in the following Security Checklist.

Our services provide solutions for Network Security by:

  • Vulnerability scanning
  • Deployment of firewalls
  • Patch management
  • Use of Intrusion Detection Systems
  • Establishing Virtual Private Networks (VPN's)
  • Deployment of encryption applications (PGP) and secure protocols
  • Wireless Network Security measures and audits
  • Video Surveillance, with Digital, Analog or Ethernet video cameras. S A M P L E

R E S O U R C E S :

HIPAA - National Standards to Protect the Privacy of Personal Health Information

Department of Defense Trusted Computer System Evaluation Criteria

Department of Defense Information Technology Security Certification and Accreditation Process

Office of Management and Budget - CIRCULAR NO. A-130

DoD Health Information Privacy Regulation

NIST DRAFT Special Publication 800-26, Revision 1: Guide for Information Security Program Assessments and System Reporting Form

Risk Management Guide for Information Technology Systems

       Transportation Security  | Physical Security  | Penetration Testing  | Firewall Pro  | Network Security  | S.C.A.D.A.  | H.I.P.A.A.  | eBanking  | Kids' Password  

Copyright © 2007 InfoSecPro.com™
No material may be reproduced without written permission.