holq9zmaun
Spacerowicz
Dołączył: 12 Mar 2011
Posty: 18
Przeczytał: 0 tematów
Ostrzeżeń: 0/2
Skąd: England
|
 Wysłany: Pon 11:17, 14 Mar 2011 Temat postu: Supras Cruizer Intranet Collaboration Supras Cruiz |
|
|
Health Insurance Portability and Accountability Act (HIPAA) was enacted to assure the confidentiality of patient information. This requires that health care providers employ stringent measures to assure that information shared on the internet is protected from unauthorized access.
The HIPAA Act requires health-providing entities to:
? Assign responsibility for security to a person or organization.
? Assess security risks and determine the major threats to the security and privacy of protected health information.
? Establish a program to address physical security, personnel security, technical security controls Supra Cuban purple, and security incident response and disaster recovery.
? Certify the effectiveness of security controls.
? Develop policies, procedures and guidelines for use of personal computing devices (workstations cheap Supra Bandit mid, laptops, hand-held devices) Supras Cruizer, and for ensuring mechanisms are in place that allow, restrict and terminate access (access control lists, user accounts, etc.) appropriate to an individual's status, change of status or termination.
? Implement access controls that may include encryption, context-based access, role-based access, or user-based access; audit control mechanisms, data authentication, and entity authentication
This law has serious implications for organizations that allow unauthorized access resulting in a breach in confidentiality.
Security is the key
Since the HIPAA law provides for both civil and criminal penalties for violations, data and access security is of the utmost importance. To assure HIPPA compliance, online document management on company intranets and extranets must include a number of security features:
? Secure web server - a server running secure socket layers is the minimum needed.
? Encrypted database - all data must be encrypted. Software is available that will encrypted all data sent between two computer over the internet.
? Secure access control -- in addition to a traditional user id and password, it may be a good idea to use a strong password or smart card as additional security.
? Session timeout - this assures that confidential data is not left on an unattended screen.
? Server monitoring - the secure web server needs to be strictly monitored to detect break-in attempts.
? Regular security audits - regular audits are required to make sure all security precautions are working properly.
? Personnel - system maintenance should be in the hands of qualified personnel familiar with HIPPA requirements
Post został pochwalony 0 razy
|
|
