Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act, introduced in 1996, includes standards of information security for the electronic storage of health information. The relevant standards were published as a rule in the US Federal Register in February 2003. Read on to find out how NGSSoftware's suite of security auditing tools can help your company achieve and maintain HIPAA compliance.
Section 8 of HIPAA - 'Technical Security Services to Guard Data Integrity, Confidentiality, and Availability' covers access control, auditing, authorisation and authentication. NGSSoftware's suite of security scanning tools audit IT infrastructures to make sure that permissions are applied and locked down, that appropriate logging is enforced and that users and roles in systems are well protected with a strong password policy.
Section 6, titled 'Administrative Procedures', requires that all organisations "evaluate [their] computer system(s) or network design(s) to certify that the appropriate security has been implemented". Our security auditing products make internal evaluation of computer and network security simple; generated reports can be distributed to both internal and external auditors to verify that the necessary procedures for compliance have been carried out.
