Privacy and Security

The Standard, Smart Approach for Integrity, Confidentiality and Availability of Electronically Protected Health Information

Exceeds HIPAA
Guidelines
Health Care Financing Administration

Privacy and Security

WHO is Covered?
   a. Health Plans
   b. Health Information Clearinghouses
   c. Health Care Providers
(Accident, Health Insurance & Medical Service Plans; Health Care Services including Lab Services;
Hospitals; Nursing and Personal Care Facilities; Offices and Clinics of Dentists; Offices and Clinics of
Doctors of Medicine; Offices and Clinics of Other Health Care Practitioners)

HOW to Comply?
  a. Train employees about security and privacy.
  b. Designate a security and privacy liaison.
  c. Use the Standard, Smart Approach by CounterStrike for the most cost-effective and
     simplest solution available.
  d. Obtain patient consent for most disclosures of protected health information.
  e. Develop a Trading Partner Agreement that extends privacy and security protections to third
     party business associates.


800-505-8966, ext. 101
www.counterstrike.com
help@counterstrike.com
468 N. Camden Drive, 3rd Floor, Beverly Hills, CA 91020

is Favorably Positioned vs. Distributed Firewalls



Based on the intent of the HIPAA law, organizations need to take reasonable steps to
safeguard information or face consequences for failing to do so. Specifically:

What does the law mean by reasonable steps?

         Organizations are required to have in place protective administrative and management
         techniques, educate their employees about these procedures and impose disciplinary
         sanctions against employees who use information improperly or carelessly.

         While working to comply with regulations, organizations should also focus on
         effective solutions that minimize the resulting impact on administrative personnel and
         network overhead, and that offer scalable and flexible growth potential over time.


The Top 10 Security Threats to HIPAA

    1.  Firewall and System Probing
    2.  E-Mail Attacks
    3.  Network File Systems (NFS) Application Attacks
    4.  Vendor Default Password Attacks
    5.  Sniffing, Spoofing, Fragmentation and Splicing Attacks
    6.  “Insider” Attacks
    7.  Easy-to-Guess Passwords
    8.  Computer Viruses
    9.  Prefix Scanning
    10. Trojan Horse

[Figure: Preventative Security Provided During an Attack]

Distributed firewalls (DFW) deploy firewall functionality directly on computer servers and
desktops. In addition to traditional firewall functions, many of today’s DFWs also include
combinations of IDS (Intrusion Detection System) and content pattern matching features.

Distributed firewalls only solve a small part of the HIPAA security problem. Systems
Shield’s behavior enforcement technology goes far beyond DFW in protecting servers
and desktops from attacks. Systems Shield includes basic DFW features and also
prevents damage based on correlating file and network operations.

and Distributed Firewall Benefit Comparison

Standard, Smart Approach

What Do I Receive?

First, you receive a condensed, easy to read set of regulations and guidelines that you must comply with for privacy and security.

Second, you will receive a process or procedure for each regulation or guideline that outlines what, at a minimum, must be fulfilled in order to
be HIPAA compliant.

Third, depending upon whether you have computer desktops or servers (or both), you will receive CounterStrike’s Systems Shield software ‘for
each computer’ which will solve the issues regarding HIPAA and its compliance.

Who Performs the Implementation?

CounterStrike personnel will perform the computer implementation of Systems Shield for every computer desktop or server and also conduct
a HIPAA assessment that will be reviewed with you.

Most items discovered during the HIPAA assessment that are non-computer related can be resolved easily with your existing personnel.
Those items that are computer related but outside the scope of Systems Shield usually revolve around good business practices.

In situations where you desire CounterStrike to complete the HIPAA compliance, additional costs will be quoted prior to any commencement
of work.

When Will I be HIPAA Compliant?

Systems Shield runs in a ‘training test mode’ for approximately two weeks. This usually provides ample time for the software to model the
behavior of your computer systems and applications. The interrelationship of events, and the resulting proactive actions taken by Systems
Shield, is crucial for the prevention of problems which HIPAA addresses.

After adjustments are made and Systems Shield goes ‘live,’ the computer running Systems Shield will be HIPAA compliant.

Once the remaining computer and non-computer policy and procedure issues are addressed, you will be in full HIPAA compliance.

Where Will All This Take Place?

At your office or wherever you keep your patient health care information.

How Much Does It Cost?

Systems Shield is priced at $500.00 per computer desktop and $2,500.00 per computer server. Discounts are offered for multiple computers
and will be quoted to you after a Free Network Assessment.

The HIPAA regulations and guidelines - and their necessary policies and procedures - are included for FREE when you use the Systems
Shield Standard, Smart Approach.

Why Do I Need To Do Anything At All?

HIPAA is enforced by the Office of Civil Rights of the Department of Health and Human Services (HHS). The law provides no private cause of
action for patients who wish to sue under the act. They must bring their request to the Office of Civil Rights, which will conduct an investigation.

HIPAA provides severe civil and criminal penalties for violations which include:

♦     Fines of up to $250,000
♦     Up to ten (10) years in prison

Be Prepared and you will not have any problems. The Standard, Smart Approach from CounterStrike will provide peace of mind for HIPAA.

Be Safe and Do Not Be Sorry.
