RE: HIPAA_Compliance
From: Chris Orzal (chris.orzal_at_pkware.com)
Date: 04/07/04
- Previous message: Barry Fitzgerald: "Re: Secure host newbie - fun - humm"
- Maybe in reply to: paralleluniverse: "HIPAA_Compliance"
- Next in thread: Chinnery, Paul: "RE: HIPAA_Compliance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 7 Apr 2004 11:13:27 -0500 To: "Billy Dodson" <billy@pmm-i.com>, "Robinson, Sonja" <SRobinson@HIPUSA.com>, "paralleluniverse" <paralleluniverse@ev1.net>, <security-basics@lists.securityfocus.com>
Folks,
I don't mean to toot my own horn, but is anybody aware of PKZIP's
encryption and authentication features?
These were Ron's requirements: inexpensive, easy to deploy,
convenient to use, and easy to train staff, encryption solution.
As opposed to using this forum for giving a sales pitch I would simply
ask you to visit www.pkware.com and explore the possibilities. There
are HIPAA case studies and other materials for you to look at.
Also, I would invite anybody with any familiarity with the PKZIP Secure
product to let me know what you think: good, bad, or indifferent. Good
topic by the way!
Christopher Orzal
PKWARE, Inc.
414-362-8599
-----Original Message-----
From: Billy Dodson [mailto:billy@pmm-i.com]
Sent: Tuesday, April 06, 2004 8:39 AM
To: Robinson, Sonja; paralleluniverse;
security-basics@lists.securityfocus.com
Subject: RE: HIPAA_Compliance
If you are in a windows enviroment, you can use IPSEC policies within
the domain security policy to encrypt traffic on the LAN. This is of
course with a very high overhead. I am not deeply versed in HIPPA
policies. You can reduce some of the overhead by just encrypting
traffic between domain controllers. I know that also if you uses Cisco
routers for your WAN, they can be configured to encrypt that traffic as
well.
Billy Dodson
Network Systems Engineer
Permian Micro Mart
3815 E. 52nd Street
Odessa, TX 79762
432.367.3239 - Direct Line
432.367.6179 x139
-----Original Message-----
From: Robinson, Sonja [mailto:SRobinson@HIPUSA.com]
Sent: Monday, April 05, 2004 3:00 PM
To: 'paralleluniverse'; security-basics@lists.securityfocus.com
Subject: RE: HIPAA_Compliance
What are you trying to encrypt and from what points?
i.e. PHI in e-mail - suggest Kryptiq, Sigaba, PGP enterprise solutions
depending on your needs you could also use desktop - ssl file
transfer/gateway decryption VPN -works for communications over telecomm
lines for business partners, subsidiaries, etc.
secure ftp - for file transfer
web file repository - ssl file transfer
Your soultion wil ldepend on what you are looking to encrypt, why and
the to/from points.
-----Original Message-----
From: paralleluniverse [mailto:paralleluniverse@ev1.net]
Sent: Saturday, April 03, 2004 9:48 PM
To: security-basics@lists.securityfocus.com
Subject: HIPAA_Compliance
Hello to All,
In order to provide security solutions for HIPAA compliance, encryption,
though not required, seems to solve several of the problems. Would
anyone have some suggestions for an inexpensive, easy to deploy,
convenient to use, and easy to train staff, encryption solution? Other
thoughts?
Ron Cohen
FUNEN
------------------------------------------------------------------------
--- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- CONFIDENTIALITY NOTICE: This e-mail transmission, including any attachments to it, may contain confidential information or protected health information subject to privacy regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This transmission is intended only for the use of the recipient(s) named above. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in this transmission is STRICTLY PROHIBITED. If you have received this transmission in error, please immediately notify me by reply e-mail and destroy the original transmission in its entirety without saving it in any manner. ------------------------------------------------------------------------ --- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- ------------------------------------------------------------------------ --- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
- Previous message: Barry Fitzgerald: "Re: Secure host newbie - fun - humm"
- Maybe in reply to: paralleluniverse: "HIPAA_Compliance"
- Next in thread: Chinnery, Paul: "RE: HIPAA_Compliance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
