Have fun reading. You will find that HIPAA does not say what encryption or standards to use. I think the writers of the bill were in love with the words "best" and "practices". If you are offering data connectivity then in my mind it's the clients responsibility is to comply with HIPAA. It's the same deal if the hospital was buying point to point or frame relay services from the telco. The telco does not provide a safenet, infoguard or VPN device. Unless it's part of the contract. (Note they will provide anything at a high cost.) Then in that case the telco manages and provides the hospital a safenet, infoguard or VPN device to go on each end of the termination point.
I would figure out what your client is look for and or requires in their security policy. Take note that HITECH is going to take affect soon so you might want to read up on HITECH. -mmiller On Thu, Aug 13, 2009 at 8:48 AM, Robert Miller<[email protected]> wrote: > Hello Everyone, > > I am hoping Larry or someone else may have an answer or direction to a > question regarding HIPAA and the security required for the connection. > I want to give some background information for those who may not know > our current network. > > We are a satellite internet service provider and are about to provide a > backup solution to hospitals, however I am trying to find out what type > of connection is required to comply with HIPAA. > > Does the connection need to be encrypted using hardware encryption? > > Does the connection require dedicated VPN Tunnel? > > Where can I get detailed information about HIPAA security guidelines? > > Is there another provider that has medical information transversing > between two or more remote locations and how are they complying? > > Any and all advice is greatly appreciated and thanks in advance for a > better direction! > > Robert > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
