Presentation is loading. Please wait.
HIPAA COMPLIANCE WITH DELL
SECURITY Administrative Procedures: Physical Safeguards:
To ensure security plans, policies, procedures, training, and contractual agreements exist Physical Safeguards: To provide assigned security responsibility and controls over all media and devices To provide specific authentication, authorization, access, & audit controls to prevent improper access to electronically stored information Technical Security Services: To establish communications/network controls to avoid the risk of interception and/or alteration during electronic transmission of information Technical Security Mechanisms:
SPECIFICS Requirement Dell/Partner
Administrative Procedures to Guard Data Confidentiality, Integrity and Availability Periodic inventory of hardware/software assets IT Assets Report Periodic security testing, including hands-on functional testing and verification Dell Vulnerability Scanning/Assessment Intrusion monitoring Patch Assessment Business Partner Agreements Appropriate contractual language to preserve “chain of trust” Contingency plan requiring formal assessment of the sensitivity, vulnerabilities, and security of covered entities Intrusion Monitoring Proactive vulnerability assessments Network Vulnerability Assessment Windows Intrusion monitoring Vulnerability scanning
Technical Security Services
SPECIFICS Requirement Dell/Partner Technical Security Services Ongoing monitoring of information system to determine if system has been compromised, misused or accessed by unauthorized individuals Overall IT monitoring Off-site Monitoring and Management Intrusion Monitoring/Alerting Patch Assessment Technical Security Mechanisms Event reporting mechanisms Automated security alerts, notification, and escalation capabilities Alarm System Audit Trails Real-time intrusion alerts; monthly intrusion summaries: login/logout activity by user/device; failed login details report; account modification activity by user/account report
Solution: Documents need for periodic inventory of IT assets Requirement: Maps to configuration management requirement
Solution: Internal security assessment; vulnerability testing and verification Requirement: “Periodic security testing”
TECHNICAL SECURITY MECHANISMS
Solution: Captures unauthorized activity and users Monthly Summaries Demonstrates who touched what and when Requirement: audit trails
TECHNICAL SECURITY SERVICES
Solution: Reduce costs of keeping up with Microsoft patches by automating identification and mitigation processes Requirement: Determine areas of network that are vulnerable because of missing patches
TECHNICAL SECURITY SERVICES & MECHANISMS
Solution: Document that critical pieces of security infrastructure are protected 24x7 Requirement: Assure firewall is operating efficiently
TECHNICAL SECURITY MECHANISMS
ENSURE AUTOMATED EVENT REPORTING, NOTIFICATION AND ESCALATION
DELL BENEFITS Reduce overall costs of complying with HIPAA
Automates preparation of audit and asset requirements Achieve compliance in the shortest time possible Predefined monthly summary reports allow for immediate deployment by network administrators and privacy officers Minimize the impact of compliance on day-to-day operations Provides one central view of IT resources and security requirements Enables preparation of a “full graphic response” to security requirements –not just legal forms Printable reports, easily exported to Excel, other formats
© 2023 SlidePlayer.com Inc.
All rights reserved.