PaulDotCom mailing list archives
HIPAA Remote Site Connection Question
From: travelingregbaker at yahoo.com (Gregory Baker)
Date: Sat, 15 Aug 2009 09:05:41 -0700 (PDT)
Greetings, We've consulted with DMERC software vendors from time to time regarding HIPPA compliance. There are many small medical billing operations across the country and several software companies provide solutions for these folks to help them through the web of disparent formats and regulations. For software vendors and connectivity providers HIPPA essentially boils down to maintaining a chain of custody and the protection of the digital assets. As the connectivity provider, your part is somewhat easy compared to the software vendors. An AES VPN tunnel would be your part along with the possible full control of both end point connections (managed WAN firewall/routers). Yes, it is technically not an explicit HIPPA requirement but strongly advised. That stated, the laws of physics come into play when using VPN tunnels with satellite connectivity. It's been our experience that the inherit latency results in increased cpu load on the VPN end point devices. We've needed to deploy beefy routers in such situations in order to keep the cpu loads reasonable. If their budget can allow, hardware based WAN optimization (Riverbed) is ideal in such situations and can significantly overcome increase the performance across the connection. $.02 Deposited --- On Thu, 8/13/09, Robert Miller <arch3angel at gmail.com> wrote:
From: Robert Miller <arch3angel at gmail.com> Subject: [Pauldotcom] HIPAA Remote Site Connection Question To: pauldotcom at mail.pauldotcom.com Date: Thursday, August 13, 2009, 11:48 AM Hello Everyone, I am hoping Larry or someone else may have an answer or direction to a question regarding HIPAA and the security required for the connection.? I want to give some background information for those who may not know our current network. We are a satellite internet service provider and are about to provide a backup solution to hospitals, however I am trying to find out what type of connection is required to comply with HIPAA. Does the connection need to be encrypted using hardware encryption? Does the connection require dedicated VPN Tunnel? Where can I get detailed information about HIPAA security guidelines? Is there another provider that has medical information transversing between two or more remote locations and how are they complying? Any and all advice is greatly appreciated and thanks in advance for a better direction! Robert _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- HIPAA Remote Site Connection Question Robert Miller (Aug 13)
- HIPAA Remote Site Connection Question Howard Siegel (Aug 13)
- HIPAA Remote Site Connection Question Michael Miller (Aug 13)
- HIPAA Remote Site Connection Question Jeremiah Wilson (Aug 14)
- HIPAA Remote Site Connection Question Jody & Jennifer McCluggage (Aug 14)
- HIPAA Remote Site Connection Question Jeremiah Wilson (Aug 14)
- HIPAA Remote Site Connection Question brad (Aug 14)
- HIPAA Remote Site Connection Question Gregory Baker (Aug 15)