HIPAA and firewalls

From: Irwin (ebct_at_yahoo.com)
Date: 05/10/04 

Date: 9 May 2004 17:47:13 -0700

Hello all. I was trying to connect a few radiology offices in a HIPAA
compliant manner using VPN. We were considering hardware firewalls
from Watchguard, Netgear, SonicWall, just read something about
NetScreen, don't know anything yet about HP. The offices are connected
using 768k upload DSL, which I presume is the bottleneck. I have read
previous posts on older equipment, but haven't seen anything
discussing 2004 equipment. I wondered what you all thought out there?

1. Which products would be the most cost-effective, given all the
different plans and service and upgrade stuff?

2. Why do the little boxes cost so darn much? They cost way more than
the computers you are trying to protect. I guess the data is
invaluable, but still...

3. What do you experts think about those arrangements where you buy
hours of telephone tech support to walk you through an install
yourself? Much cheaper than an on-site install. Is the end result as
reasonable? Or at least satisfactory?

4. There are all of these different kinds of authentication - user,
login, certificate. What do I really need? Different vendors all give
you different information.

Thanks,
Irwin