Just about any security-conscious organization should already have one in place, to some degree. However, "intrusion detection" is a loose term, and a very wide variety of products and services meet that description in one way or another.
If you're considering a network-based IDS, I'd recommend Snort. It's free, updated often, and *very* widely used. So your obvious cost is only hardware. However, in addition to the cost of the hardware to run the software, you also need to take into account whether you can afford someone who can actually make sense of and respond to the data. An IDS is no good placed in the hands of an admin who is only interested in keeping things going. And a security analyst can be expensive. Bottom line: If you have some bright folks on staff, let them get going with something like Snort, and 1) your organization is going the extra mile, which will help with HIPAA, if nothing else (HIPAA doesn't care about IDS by definition), 2) your network and staff are improving daily. But that's just my point of view! Cheers Keith ----- Original Message ----- From: "Baldassinlight, Donna" <[EMAIL PROTECTED]> To: "WEDI SNIP Security Workgroup List" <[EMAIL PROTECTED]> Sent: Tuesday, September 09, 2003 3:31 PM Subject: IDS (Intrusion Detection Systems) > Does anyone know whether health care providers are using or considering the > use of IDS (Intrusion Detection Systems) to comply with the security > regulations under HIPAA. We understand that there are about six firms that > provide this type of service. Does anyone know of any healthcare > organizations that have purchased or are considering this? Is it cost > effective considering the level of risk for a 700 bed hospital or a 300 bed > nursing home? > Thanks, > Donna > > > --- > The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. > > You are currently subscribed to wedi-security as: [EMAIL PROTECTED] > To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] > If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org > --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-security as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org