RE: HIPAA_Compliance

From: Billy Dodson (billy_at_pmm-i.com)
Date: 04/06/04

  • Next message: Daryl: "Education and Security"
    Date: Tue, 6 Apr 2004 08:39:25 -0500
    To: "Robinson, Sonja" <SRobinson@HIPUSA.com>, "paralleluniverse" <paralleluniverse@ev1.net>, <security-basics@lists.securityfocus.com>
    
    

    If you are in a windows enviroment, you can use IPSEC policies within
    the domain security policy to encrypt traffic on the LAN. This is of
    course with a very high overhead. I am not deeply versed in HIPPA
    policies. You can reduce some of the overhead by just encrypting
    traffic between domain controllers. I know that also if you uses Cisco
    routers for your WAN, they can be configured to encrypt that traffic as
    well.

    Billy Dodson
    Network Systems Engineer
    Permian Micro Mart
    3815 E. 52nd Street
    Odessa, TX 79762
    432.367.3239 - Direct Line
    432.367.6179 x139

    -----Original Message-----
    From: Robinson, Sonja [mailto:SRobinson@HIPUSA.com]
    Sent: Monday, April 05, 2004 3:00 PM
    To: 'paralleluniverse'; security-basics@lists.securityfocus.com
    Subject: RE: HIPAA_Compliance

    What are you trying to encrypt and from what points?

    i.e. PHI in e-mail - suggest Kryptiq, Sigaba, PGP enterprise solutions
    depending on your needs you could also use desktop - ssl file
    transfer/gateway decryption VPN -works for communications over telecomm
    lines for business partners, subsidiaries, etc.

    secure ftp - for file transfer

    web file repository - ssl file transfer

    Your soultion wil ldepend on what you are looking to encrypt, why and
    the to/from points.

    -----Original Message-----
    From: paralleluniverse [mailto:paralleluniverse@ev1.net]
    Sent: Saturday, April 03, 2004 9:48 PM
    To: security-basics@lists.securityfocus.com
    Subject: HIPAA_Compliance

    Hello to All,

    In order to provide security solutions for HIPAA compliance, encryption,
    though not required, seems to solve several of the problems. Would
    anyone have some suggestions for an inexpensive, easy to deploy,
    convenient to use, and easy to train staff, encryption solution? Other
    thoughts?

    Ron Cohen
    FUNEN

    ------------------------------------------------------------------------

    ---
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
    off any course! All of our class sizes are guaranteed to be 10 students
    or less to facilitate one-on-one interaction with one of our expert
    instructors. 
    Attend a course taught by an expert instructor with years of
    in-the-field pen testing experience in our state of the art hacking lab.
    Master the skills of an Ethical Hacker to better assess the security of
    your organization. 
    Visit us at: 
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ------------------------------------------------------------------------
    ----
    CONFIDENTIALITY NOTICE: This e-mail transmission, including any
    attachments to it, may contain confidential information or protected
    health information subject to privacy regulations such as the Health
    Insurance Portability and Accountability Act of 1996 (HIPAA). This
    transmission is intended only for the use of the recipient(s) named
    above. If you are not the intended recipient, or a person responsible
    for delivering it to the intended recipient, you are hereby notified
    that any disclosure, copying, distribution or use of any of the
    information contained in this transmission is STRICTLY PROHIBITED. If
    you have received this transmission in error, please immediately notify
    me by reply e-mail and destroy the original transmission in its entirety
    without saving it in any manner. 
    ------------------------------------------------------------------------
    ---
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
    off any course! All of our class sizes are guaranteed to be 10 students
    or less to facilitate one-on-one interaction with one of our expert
    instructors. 
    Attend a course taught by an expert instructor with years of
    in-the-field pen testing experience in our state of the art hacking lab.
    Master the skills of an Ethical Hacker to better assess the security of
    your organization. 
    Visit us at: 
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ------------------------------------------------------------------------
    ----
    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
    any course! All of our class sizes are guaranteed to be 10 students or less 
    to facilitate one-on-one interaction with one of our expert instructors. 
    Attend a course taught by an expert instructor with years of in-the-field 
    pen testing experience in our state of the art hacking lab. Master the skills 
    of an Ethical Hacker to better assess the security of your organization. 
    Visit us at: 
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------
    

  • Next message: Daryl: "Education and Security"

    Relevant Pages

    • RE: fax software in the domain
      ... You could add an extra layer of security by changing by connecting the ... Ethical Hacking at the InfoSec Institute. ... Attend a course taught by an expert instructor with years of ...
      (Security-Basics)
    • Re: HIPAA_Compliance
      ... we've testing Intel IPSEC offload cards and have been VERY ... the domain security policy to encrypt traffic on the LAN. ... Ethical Hacking at the InfoSec Institute. ... Attend a course taught by an expert instructor with years of ...
      (Security-Basics)
    • RE: HIPAA_Compliance
      ... And, for anyone who's involved with HIPAA compliance, it meets the technical standards put forth under the security rule. ... convenient to use, and easy to train staff, encryption solution. ... Ethical Hacking at the InfoSec Institute. ... Attend a course taught by an expert instructor with years of ...
      (Security-Basics)
    • RE: Windows patch mgmt.
      ... MBSA stands for Microsoft Baseline Security Analyzer. ... > Ethical Hacking at the InfoSec Institute. ... > Attend a course taught by an expert instructor with years of ...
      (Security-Basics)
    • RE: securing password list
      ... What security methods do you use to secure a list such as this? ... > Ethical Hacking at the InfoSec Institute. ... > pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)