Access "Vendor compliance management: Are health care software vendors HIPAA compliant?"
This article is part of the October 2007 issue of Tips from the 2007 Security 7 Awards
Your doctor recommends you have an angioplasty to clear the arteries to your heart. At the hospital, you start in the admissions department, giving all your personal information to a stranger who enters it into a computer. What you don't realize is how vulnerable your personal information has just become and how many people who have nothing to do with your health care now have access to it. Hospitals exist to take care of patients, not to write software, so they typically purchase it from third parties. HIPAA covers only health care and insurance providers but not the companies that produce software used in health care. How can the health care industry comply with HIPAA if the software companies are not accountable for the security of their products? Let's continue with our hypothetical visit to the hospital to uncover other software vulnerabilities and learn more about the importance HIPAA vendor compliance management. The doctor runs you through a couple of tests to assess your condition. You are attached to a PC where an electrocardiogram is run. Little ... Access >>>
Premium Content for Free.
Achieving Access Control with Symark PowerBroker 5.0
In this product review, discover everything you need to know about Symark PowerBroker 5.0, such as policy control, logging and reporting capabilities, configuration and management.
Guardium SQL Guard 6.0 product review
Guardium SQL Guard 6.0 is evaluated on its ability to monitor access to SQL databases. SQL Guard ensures a system of checks and balances between the security and database engineering teams.
Knoppix-NSM removes complexity of Snort-based network security monitoring
by Russ McRee, Contributor
Open source Knoppix-NSM is a complete network security monitoring system on a single CD.
Device Management: Pointsec Protector software review
Pointsec Protector manages unsecured ports and endpoint devices while transparently delivering encryption, filtering content, enforcing policies and maintaining an audit trail, even when mobile devices are disconnected from the network.
BeyondTrust Privilege Manager 3.0 product review
BeyondTrust's Privilege Manager 3.0 addresses elevated user privileges through a Group Policy extension that allows organizations to control permissions for selected processes and applications.
- Achieving Access Control with Symark PowerBroker 5.0
SonicWALL TZ 180W firewall product review
SonicWALL TZ 180W is an effective firewall for small- and medium-size businesses with a subset of features that will appeal to network managers.
Proofpoint On Demand Product Review
In this product review, learn about Proofpoint On Demand antivirus and antispam features.
Security 7 Award winners successfully integrate security and business
The 2007 Information Security magazine Security 7 Award winners demonstrate how their strategies for integrating their security programs into the overall business.
Log management reins in security and network device data
Learn how to manage log data from security and network devices in order to manage security events in real time.
Automated configuration management tools clean out redundant rules
Change management becomes a tough challenge when implementing numerous firewalls.
- SonicWALL TZ 180W firewall product review
Learn to balancing security and usability
Security measures such as constant password changes, are becoming intrusive, and the return is questionable.
Interview: CISO explains enterprise's access control policies
Access control and authentication isn't as simple as setting up user IDs and passwords.
Vendor compliance management: Are health care software vendors HIPAA compliant?
Software used in health care is rife with vulnerabilities. It's time vendors shape up.
- Viewpoint: Hard drive encryption growing
Redefining free security software
Popular open source security products such as Nessus, Snort and Clam AV are being commercialized, redefining the notion of free software.
- Learn to balancing security and usability
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...