HIPAA Wireless Compliance Report - AirTight Networks
HIPAA Wireless Compliance Report - AirTight Networks
HIPAA Wireless Compliance Report - AirTight Networks
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>HIPAA</strong> <strong>Wireless</strong> <strong>Compliance</strong> <strong>Report</strong>About This <strong>Report</strong>The Health Insurance Portability and Accountability Act (<strong>HIPAA</strong>) of 1996 by the Department of Health and HumanServices (DHHS), mandates that healthcare organizations must safeguard the privacy and security of patienthealth information transmitted electronically. <strong>HIPAA</strong> Security Rule 45 CFR seeks to control leakage of patienthealth data to unauthorized users. This report assesses your network’s wireless security posture and identifieswireless vulnerabilities that may expose your organization to leakage of patient health data.Relevant <strong>HIPAA</strong> GuidelinesSection 164.308(a)(1): This section requires a securitymanagement process to be set up for risk assessmentand management.Section 164.308(a)(6): This section requires formaldocumentation and response procedures to be set upto handle wireless security incidents promptly.Section 164.312(e)(1): This section requires patienthealth data transmitted over wireless networks to beguarded against unauthorized access.How this report helps?This <strong>HIPAA</strong> report is the first step in establishing asecurity management process to assess and managethe risk of patient health data leakage through wireless.Periodic generation and archival of this <strong>HIPAA</strong> reportestablishes that your organization has a formaldocumentation and rapid response program to handleincidents related to patient health data leakagethrough wireless.Periodic generation and archival of this <strong>HIPAA</strong> reportestablishes that your organization has the capabilitiesto monitor, detect and safeguard against patient healthdata leakage through wireless.The report contains: (1) Summary of Results, (2) Detailed Results for all vulnerabilities that were detected, and (3)Recommended Actions that you need to take for remediation and for improving your network's security posture.The results are based on your airspace scanned using <strong>AirTight</strong> Network's pre-configured wireless scanners. Thetable below classifies vulnerabilities based on their severity and urgency of response. A detailed description ofeach severity level is given in Appendix D.Severity level Type Description5 Critical4 High3 Medium2 LowSecurity breach or wireless malpractice detected!An intruder may have entered your network; sensitive data isexposed; or your users are bypassing your security policy control(e.g., firewalls, and URL, spam, and malware filters).Known vulnerabilities those ignore basic security measuresand naturally expose your network and data assets even toinadvertent unauthorized access.Vulnerabilities that violate best practices and can lead tounauthorized usage of your network resources or hackers withmedium expertise and knowledge of published exploits canexploit these vulnerabilities in minutes.Hackers can collect information about your network and mayuse it to discover other vulnerabilities; high expertise needed toexploit these vulnerabilities.1 Probable Potential vulnerabilities that may pose a threat.Powered by <strong>AirTight</strong> <strong>Networks</strong> Page 3 of 20
Change language