The Health Insurance Portability and Accountability Act (HIPAA) requirements makes privacy and security compliance for electronic Personal Health Information (ePHI) records in the medical industry challenging. On September 23rd, 2013 the final portion of the compliance requirements went into full effect. This requires a very high standard for compliance with electronic personal health information (ePHI) security and privacy for all "covered entities". A member of CSI's staff has completed Certified HIPAA Security Professional training to learn the latest compliance requirements. Some of the major requirements of the law are:
- Implement or Update Security Policies and Procedures
- Enter into or Update Business Associate Agreements
- Update or Implement Privacy Policies and Procedures
- Update HIPAA Privacy Notices
- Conduct Training
CSI offers medical practices a number of services to assist with HIPAA compliance:
- Paladin Network Assessments offer a number of network assessment options to independently review the health and status of your network. This can be a one-time assessment or a yearly assessment that can produce change reports from the last assessment. These reports include:
- Visual Network Diagram
- Recent Server and Workstation Health
- Anti-virus, Anti-Malware and Windows Firewall Status
- Current Microsoft Baseline Security Analysis (MBSA) best practices analysis of all Windows devices.
- Report on machines missing critical security updates and other Microsoft updates
- Software inventory of installed software to easily identify software that is a security threat to the network.
- Security Reports on:
- What Users Have Full Administrative Rights
- What Network Folders Users Have Access To
- What Type of Access Users Have (i.e. Read Only/Read Write)
- User Logon Behavior Reports
- Logon Failure Reports
- External Network Vulnerability Reports (i.e. what can be seen from the internet about your network)
- Paladin Sentinel Remote Monitoring provides 24x7x365 monitoring of your network and includes ongoing monitoring of many of the areas of concern to maintain HIPAA compliance standards. Monthly reports document compliance or deficiencies in these keys areas are provided.
- Paladin E-mail Defense can provide organizations with:
- Inbound and Outbound E-mail SPAM and Virus/Trojan filtering to protect your in-box and your devices.
- A Disaster Recovery Option for E-mail if on-premise E-mail systems go off-line.
- Message auditing so you can track where an email message originated from and was delivered to.
- E-mail message archiving to help meet legal requirements for electronic communications.
- Paladin Web Defense Provides Content filtering for website access to prevent accessing inappropriate sites and block known sites attempting to do you harm.
- Paladin Mobile Defense adds the ability to monitor the mobile devices in your network including smartphones, tablets, and laptops. This monitor includes geo-tracking of equipment location, enforcing mobile password and application downloading policies, locking out unauthorized users from mobile devices, and electronically deleting all data on many remote, mobile devices that are lost, stolen, or are found to be in the possession of unauthorized users.
- Paladin Cloud Backup provides HIPAA complaint on-site and off-site backups to redundant East Coast/West Coast data centers for disaster recovery purposes.
- Paladin Wireless Assessment services can ensure that your wireless network is secure for your internal records while providing convenient guest access for their personal use.
- Paladin Anti-virus Defense provides central monitoring and management of all your anti-virus software on all your managed workstations and servers.
- Paladin Firewall Defense can provide central monitoring of network firewalls including:
- Secure remote access solutions
- Intrusion Protection Service (IPS) monitoring to provide an added layer of protection beyond just anti-virus and anti-malware and normal security updates. It actually looks at both the inbound and outbound network traffic providing expert system analysis of real and potential security threats.
The depth and breath of CSI's monitoring, reporting, remediation, disaster recovery, and security offerings allow us to assist you in meeting these new higher HIPAA security standards and protect your patent's electronic Personal Health Information.
We'd love to discuss with you how CSI can help keep your network healthy, productive, and secure to meet the needs of your organization.
|To find out more about how CSI can help your business, contact us.