Introduction to HIPAA (Health Insurance Portability and Accountability Act)
HIPAA stands for Health Insurance Portability and Accountability Act and was initially signed in 1996. HIPAA establishes the national standards for electronic health care transactions and was set up primarily to assure the portability and the privacy of health information. HIPAA includes several standards relevant to managing a wireless network such as the privacy rule and the security rule, applicable to health plans, healthcare clearinghouses, and health care providers collectively known as covered entities. The security rule is then subdivided into 3 categories: Administrative Safeguards, Security Safeguards, and Physical Safeguards. We will discuss and elaborate on how 4ipnet products can be implemented to construct a HIPAA-compliant wireless network.
HIPAA-Compliant Solution 4ipnet Offers
- Login monitoring & Password Management-
4ipnet’s intuitive Web User Interface (Web UI) facilitates the creation, alteration and safeguarding of User and Admin passwords. The configuration needs to keep a record that tracks both successful and unsuccessful logins for all users and admins, in case of inappropriate manipulation of the network.
- Access Control & Unique User Authorization-
4ipnet controllers support both built-in and external authentication databases. User credentials can be stored in built-in databases when set up with a Local or On-Demand database. The common external authentication options such as RADIUS, LDAP, SIP, NT Domain and POP3 are also supported on 4ipnet controllers. A unique User ID can be assigned to track user identity, and the concepts of Service Zones, Groups and Policies are crucial for controlling access to confidential health information. A Service Zone is a logical partition of the LAN. It is a virtual gateway with a customizable login page and its own gateway properties (such as LAN IP address, DHCP server settings, authentication options, etc.). A Group is a user role profile which defines a user's access to different Service Zones and in turn defines the QoS properties as well as the network policy applied when access is granted. Policies, as the term suggests, are profiles of network-governing constraints which are enforced upon users, including firewall rules, login schedules, routing rules and session allowances. Depending on the caregivers’ scope of work, they can be allocated to the specified Service Zones governed under different sets of policies. The Free option, as the name suggests, is also available for guest access control.
- Automatic Logoff-
This is a necessary feature to protect sensitive health information. 4ipnet has the ability to implement termination of a session after a predetermined time of inactivity. A threshold can also be set to automatically log a user off when traffic volume is less than the threshold. When preconfigured, the disconnection is done electronically without manual operation. Disconnection can also be done manually when necessary.
- Integrity Control & Encryption-
Coupled with 4ipnet’s Access Control capabilities, encryption for your wireless network acts as an important reinforcement for security. Various security types are integrated into the system, including WPA/WPA2/802.1x. Firewalls (both layer 2 and wireless) as well as the MAC Access Control List (MAC ACL) can be set up to bolster confidentiality. 4ipnet follows the 802.11i standards, and these security measures are implemented to ensure that protected electronic health information is not inappropriately modified or exploited.
- Audit Control-
The user-friendly Web UI makes it a breeze to monitor Admin/User logins, and also to administer system logs, user logs, web logs, etc. The bandwidth each user is granted can be tracked in the user log, along with a user’s activities such as packets sent/received. Access Points are easily managed, and user-level events such as SSID association, authentication and bandwidth usage can be conveniently monitored.
- Response and Reporting-
Suspicious security incidents need to be detected and mitigated. This includes common symptoms such as DoS attacks, which put the network at risk. Packets with spoofed IP addresses will be dropped. When a source address sends multiple packets to different ports in a short time, Port Detection Scan will drop the excessive TCP or UDP packets to protect the system. One of the major factors in controlling these security incidents lies in identifying rogue access points. The admin is alerted when a rogue AP is detected. This applies not only to APs but to any unauthorized devices that are connected either wirelessly or via physical ports to the controller.
- Facility Access Control-
A crucial feature that is often overlooked is the need to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft. As the controller is the centerpiece of the network, it is typically secured in a restricted area. Access Points on the other hand are comparatively vulnerable to tampering. 4ipnet APs are equipped with Kensington locks, and are wall/ceiling mountable to keep them out of reach.
4ipnet as the Solution Provider
4ipnet is devoted to delivering the highest quality of service and at the same time complying with the HIPAA Safeguards. Healthcare facilities have very demanding and challenging networking requirements based on the nature of their environment. 4ipnet excels in AAA (Authentication, Authorization and Accounting), and together with 802.11i standard encryption, we deliver the first-tier security needed in a delicate environment. The intuitive User Interface makes deployment and management effortless, as system logs, user logs, web logs, etc. are easily tracked. 4ipnet delivers the complete turnkey package of network security and access control right at your fingertips!