HIPAA

HIPAA applies to virtually all healthcare organizations — including all healthcare providers, health plans, public health authorities, healthcare clearinghouses, and self-insured employers – as well as life insurers, information systems vendors, various service organizations, and universities. The Administrative Simplification section of HIPAA resulted in several rules, including the Security Rule. The final Security Rule was published on February 20, 2003, and provides for a uniform level of protection of all health information that is housed or transmitted electronically and that pertains to an individual. HIPAA requires covered entities to:

• Ensure the confidentiality, integrity, and availability of all electronic protected health information (ePHI) the covered entity creates, receives, maintains, or transmits
• Protect against any reasonably anticipated threats or hazards to the security or integrity of ePHI
• Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required by the Privacy Rule ensure compliance by their workforce.

HIPAA calls for severe civil and criminal penalties for noncompliance, including fines of up to $25K for multiple violations of the same standard in a calendar year, and fines of up to $250K and/or imprisonment up to 10 years for knowing misuse of individually identifiable health information.

Ensuring Compliance
Sourcefire is the first and only intelligent cybersecurity system that integrates IPS, NBA, and compliance technologies to provide healthcare organizations with the most effective, efficient network security for adhering to HIPAA security regulations.

Sourcefire Enables HIPAA Compliance
Sourcefire enables a fully integrated, real-time process of discovering risks, vulnerabilities, and threats; determining their business impact; and taking the most precise, appropriate action to defend the network – exactly what your company needs to address HIPAA security requirements.