RE: HIPAA_Compliance
From: Billy Dodson (billy_at_pmm-i.com)
Date: 04/06/04
- Previous message: $uper$onic: "RE: Online Universities with Information Security Programs"
- Maybe in reply to: paralleluniverse: "HIPAA_Compliance"
- Next in thread: David Glosser: "Re: HIPAA_Compliance"
- Reply: David Glosser: "Re: HIPAA_Compliance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 6 Apr 2004 08:39:25 -0500 To: "Robinson, Sonja" <SRobinson@HIPUSA.com>, "paralleluniverse" <paralleluniverse@ev1.net>, <security-basics@lists.securityfocus.com>
If you are in a windows enviroment, you can use IPSEC policies within
the domain security policy to encrypt traffic on the LAN. This is of
course with a very high overhead. I am not deeply versed in HIPPA
policies. You can reduce some of the overhead by just encrypting
traffic between domain controllers. I know that also if you uses Cisco
routers for your WAN, they can be configured to encrypt that traffic as
well.
Billy Dodson
Network Systems Engineer
Permian Micro Mart
3815 E. 52nd Street
Odessa, TX 79762
432.367.3239 - Direct Line
432.367.6179 x139
-----Original Message-----
From: Robinson, Sonja [mailto:SRobinson@HIPUSA.com]
Sent: Monday, April 05, 2004 3:00 PM
To: 'paralleluniverse'; security-basics@lists.securityfocus.com
Subject: RE: HIPAA_Compliance
What are you trying to encrypt and from what points?
i.e. PHI in e-mail - suggest Kryptiq, Sigaba, PGP enterprise solutions
depending on your needs you could also use desktop - ssl file
transfer/gateway decryption VPN -works for communications over telecomm
lines for business partners, subsidiaries, etc.
secure ftp - for file transfer
web file repository - ssl file transfer
Your soultion wil ldepend on what you are looking to encrypt, why and
the to/from points.
-----Original Message-----
From: paralleluniverse [mailto:paralleluniverse@ev1.net]
Sent: Saturday, April 03, 2004 9:48 PM
To: security-basics@lists.securityfocus.com
Subject: HIPAA_Compliance
Hello to All,
In order to provide security solutions for HIPAA compliance, encryption,
though not required, seems to solve several of the problems. Would
anyone have some suggestions for an inexpensive, easy to deploy,
convenient to use, and easy to train staff, encryption solution? Other
thoughts?
Ron Cohen
FUNEN
------------------------------------------------------------------------
--- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- CONFIDENTIALITY NOTICE: This e-mail transmission, including any attachments to it, may contain confidential information or protected health information subject to privacy regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This transmission is intended only for the use of the recipient(s) named above. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in this transmission is STRICTLY PROHIBITED. If you have received this transmission in error, please immediately notify me by reply e-mail and destroy the original transmission in its entirety without saving it in any manner. ------------------------------------------------------------------------ --- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
- Previous message: $uper$onic: "RE: Online Universities with Information Security Programs"
- Maybe in reply to: paralleluniverse: "HIPAA_Compliance"
- Next in thread: David Glosser: "Re: HIPAA_Compliance"
- Reply: David Glosser: "Re: HIPAA_Compliance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
