HIPAA compliance and server setup

2009-01-13 Dan Crouch
Does anyone have any knowledge of HIPAA compliance related to web and database server setup? Specifically, if I have one database server and one web server, does the database server need to be completely removed from the internet or can the firewall filter out everything but what I need to

Re: HIPAA compliance and server setup

2009-01-13 Shannon Peevey
I would check out this link, which should have the information that you are looking for:
https://www2.sans.org/reading_room/whitepapers/hipaa/hipaacompliant_configuration_guidelines_for_information_security_in_a_medical_center_environment_891

speeves

On Tue, Jan 13, 2009 at 4:54 PM, Dan Crouch

Re: HIPAA compliance and server setup

2009-01-13 Judah McAuley
We set up our db server with two NICs, one that only connects with the app server and one that doesn't have any external routing but is only reachable through a VPN for management. I consider that just good practice regardless of the information you are storing. HIPAA compliance is a nebulous

Re: HIPAA compliance and server setup

2009-01-13 Dave Watts
> Does anyone have any knowledge of HIPAA compliance related to web and database server setup? Specifically, if I have one database server and one web server, does the database server need to be completely removed from the internet or can the firewall filter out everything but what I need to