SOC & HIPAA Compliance




An ecfirst Case Study: SOC & HIPAA Compliance

2014 All Rights Reserved ecfirst

An ecfirst Case Study: Lunarline & HIPAA Compliance

TABLE OF CONTENTS

EXECUTIVE SUMMARY
    SECURITY OPERATIONS CENTER (SOC)
LUNARLINE
    What is Lunarline?
    Why Lunarline?
    Lunarline Security
    Features
    Privacy Services
    Key Capabilities
    HIPAA Compliance
    HIPAA Security Rule Compliance
    HSCR Benefits
    HSCR Features
    Enterprise Compliance Console for HIPAA
HEALTHCARE SECURITY SERVICES - HSS
    What is HSS?
    Why HSS?
    Compliance Solutions
    Physical security
INETU
    What is INetU?
    Why INetU?
    Features
    Compliance & Audits
    HIPAA Compliance Dashboard
    HIPAA Compliance Security Services

EXECUTIVE SUMMARY

Security Operations Center (SOC)

A security operations center (SOC) is a centralized unit in an organization that deals with security issues on an organizational and technical level. A SOC within a building or facility is a central location from which staff supervise the site using data processing technology.

Lunarline

What is Lunarline?

Lunarline builds Security Operations Center (SOC) solutions. Its services concentrate on addressing cyber security and privacy challenges. Lunarline has been the driving force behind some of the most successful SOC and NSOC operations in both the government and private sector.

Why Lunarline?

Lunarline's SOC solutions:

- Enterprise Governance and Cyber Security Protection Support (Full Incident Lifecycle)
- 24x7x365 Enterprise Managed Security Services Provider (MSSP) delivering Vulnerability Assessment Service, Incident Response, centralized management of antivirus measures and Security Log Management Service
- Enterprise-wide Network Visibility and Discovery Service
- Securing networks and critical systems with real-time countermeasures
- Customer-Specific Real-Time Dashboards, Cyber Specific Threat, and Risk Scoring Dashboards with integration experience over 3000 types of structured and unstructured data types
- Secure installation, configuration, provision, and maintenance of NSOC Systems and Assets
- Monitoring, Analysis, Detection, and Defense of Organization Assets and Systems
- SOC / Monitoring / Log / Operational / Security / Privacy Architecture Development
- Full Incident Response Lifecycle and Forensics Support to include fly-away teams
- Integration of existing SOC investments into a Continuous Security Monitoring Capability
- Support of external Business Partner Monitoring (Trust but Verify Service)
- Advanced Persistent Threat (APT) and Insider Threat Monitoring, Forensic Sampling, and Focused Operations
- Independent Verification and Validation (IV&V) and Pen Testing Services
- Development of custom security and compliance monitoring solutions (Government, Healthcare, Financial, Insurance, and Critical Infrastructure)
- Privacy Breach Response and Data Loss Prevention (DLP) Services
- Basic and Advanced Cyber Security Awareness Training (online and hands-on) to include incident response testing support
- SOC Program Management and expert technical staff augmentation for surge operations to support installation and configuration of firewalls, intrusion prevention systems, malware detection devices, SSL VPNs, anti-virus, endpoint devices, and security assessment software

Lunarline Security

Lunarline is a Department of Veterans Affairs (VA)-certified Service-Disabled Veteran-Owned Small Business (SDVOSB) with an award-winning and successful track record of providing cyber security solutions and support throughout the Federal Government and selected commercial communities. It is focused solely on cyber security, information assurance (IA), and privacy disciplines. Its cyber security service coverage and delivery is ISO and CMMi certified to ensure consistent quality, pricing, and on-time delivery, but more importantly its service coverage areas are managed by trained and certified domain experts.

Features

Lunarline develops a custom-tailored FedRAMP solution. It has conducted over 500 successful Security Assessments and Authorizations, using the same standards required by FedRAMP. It offers a suite of training, services and products to streamline FedRAMP compliance and automate continuous monitoring.

- Training: It provides FedRAMP and security compliance training, tailored to the customer's unique requirements and technology. It teaches customers how to tailor controls, prepare documentation, identify and fix problems, and survive an assessment.
- Services: It provides a comprehensive suite of services designed to implement a tailored, efficient, lasting compliance program.
- Products: Its automated continuous monitoring products provide real-time insight into enterprise compliance posture.

Privacy Services

Lunarline provides Privacy Professional Services: a robust range of professional and technical services to assist customers in protecting personally identifiable information (PII) or Personal Data; protected health information (PHI); electronic health records (EHR); protected financial information; sensitive or special categories of data; and intellectual property (IP). Lunarline also provides Privacy Training and Education.

It provides Privacy Services like:

- U.S. Privacy Services (Public and Private Sectors)
- Global Privacy Services
- Vendor and Cloud Privacy Assessments
- Mobile and Online Marketing Privacy Services
- Data Breach Response Services

Key Capabilities

The Lunarline SOC helps organizations face the challenges of the modern cyber world. As a Managed Security Service Provider (MSSP), Lunarline integrates data from the customer organization's IT and security tools into its comprehensive monitoring and correlation solution, housed safely in its secure, accredited facility. On a 24x7x365 basis, its SOC team analyzes this data to shed light on the customer network's darkest corners and keep a watchful eye on the enterprise security posture.

Its MSSP support includes:

- Enterprise risk management
- Secure asset management
- Incident response and cyber forensics
- Advanced Persistent Threat detection and response
- Cyber threat intelligence
- Continuous monitoring
- Compliance posture reporting
- Data Loss Prevention
- Privacy breach response
- Insider Threat Detection
- Business partner monitoring

Lunarline's approach consolidates and analyzes data from across the organization's network, capturing critical intelligence and providing real-time insight into enterprise risk. With custom dashboards and push-button reporting, backed by Lunarline's expert cyber analysts, its SOC provides customers and their teams with the situational awareness necessary to navigate an increasingly dangerous cyber world. Lunarline's MSSP support includes an Intrusion Detection System (IDS) and a Security Incident Event Manager (SIEM), both based on industry-leading technology.

HIPAA Compliance

HIPAA Security Rule Compliance

Lunarline provides software called HIPAA Security Rule Compliance Reporter (HSCR), which deploys state-of-the-art enterprise risk management technology to allow customers to meet the HIPAA Security Rule requirements for hospitals and their business associates. The software supports SCAP vulnerability scan data uploads and direct input or uploads of syslog data from perimeter security devices. Policy inputs include HIPAA-specific questions and enhanced reporting.

The HSCR console enables monitoring of the HIPAA Security Rule compliance status of each business associate. The console gives the hospital access to a real-time display of the HIPAA Security Rule compliance status of all active business associates, as described in NIST 800-66.

HSCR Benefits

- Compliance limits liability
- Annual subscription based program
- Protects data
- Auditable reports
- Uses approved NIST methods
- Automates time consuming processes
- Automates extraction of syslog data

HSCR Features

- Roadmap to full HIPAA compliance
- Continuously updated using Federal standards
- Software as a Service (SaaS)
- Secure Input (SSL)
- Encrypted Storage of input data
- Encrypted PDF Reports
- Supports SCAP vulnerability scan import
- Supports IPS/AV upload

Enterprise Compliance Console for HIPAA

This is the enterprise management compliance package. It includes a console that allows hospitals or distributed health care enterprises to access and view the HIPAA Security Rule compliance status of all of their business associates. The console allows the hospital to review and display the HIPAA Security Rule compliance status of each or all active business associates that have been configured and authorized for access.

An ecfirst Case Study: HSS & HIPAA Compliance

Healthcare Security Services - HSS

What is HSS?

HSS Inc. is one of America's leading outsourcing companies. They provide personalized, technical, and professional service programs to enhance the value of their customers' business. HSS offers highly regarded programs in:

- Healthcare Security
- Aviation and Government Services Security
- Security Systems Integration
- Medical Equipment Management
- More Health Care Services

Why HSS?

HSS provides:

- Cost-efficiency
- Proven security processes and best practices
- Full range of security programs and services
- Long-term commitment to your success
- Rigorous screening and hiring methods
- Extensive regulatory compliance expertise
- Skilled, trained healthcare security officers: experienced, reliable, responsible
- World class customer service
- Technology-driven rapid response operational support

Compliance Solutions

HSS Healthcare Security Compliance Solutions

HSS is a leader in helping customers meet the many challenges of healthcare security compliance.

The Joint Commission (TJC)

HSS is a nationally recognized leader in applying TJC compliance strategies to customer security programs. HSS takes responsibility for planning all TJC Environment of Care requirements related to security. The Annual Effectiveness Review that HSS prepares for customers every year is considered a best practice by numerous TJC surveyors.

Health Insurance Portability and Accountability Act (HIPAA)

HSS helps customers ensure protection of their patients' health information as stipulated by HIPAA, the Privacy Act of 1974, and their facility's patient privacy requirements.

Security Operations Center (SOC)

The HSS Security Operations Center (SOC), which exclusively supports HSS security, serves as the centralized monitoring and dispatch center for healthcare facilities nationwide. The key benefits of centralizing responsibility for all of a customer facility's security-related telephone calls, alarm monitoring, emergency communications, and radio dispatching with HSS include:

- Accelerate officer response time.
- Expedite information sharing.
- Facilitate staff and visitor contact with security.
- Reduce dispatch costs.

Significant Savings

HSS has been able to cut costs 66% or more by moving customers' dedicated security dispatch to HSS security while maintaining or improving the quality and timeliness of response.

Advanced Communications Technology

HSS continually upgrades its technology to ensure it operates at the highest level of reliability and availability.

- HSS's Nextel communications system has three independent forms of communication: cell phones, radios, and text messaging. If one, or even two, of these fail, the SOC can continue to provide critical communication to the customer's security officers and responders.
- HSS has a Level 5 Emergency Access priority, which is the level just below the President, military, Congress, and first responders. This enhances its ability to communicate in an emergency or disaster.
- HSS uses an uninterruptible power supply and generator back-up power for all SOC radio, phone system, and electrical circuits, so it is able to maintain communication during emergencies, disasters, or power failures.
- All phone calls and radio transmissions are digitally recorded, which provides the documentation customers need for definitive complaint resolution and effective dispatcher training. Redundant servers ensure that calls are safely retained for future retrieval as needed.

Physical security

Physical security is the heart of healthcare security. There simply is no substitute for the professional expertise and human touch of security officers at the customer facility. But, given cuts in Medicare and Medicaid funding, hospitals need to ensure they are operating efficiently and cost-effectively. Supplementing physical security with carefully selected and properly applied electronic security is playing an increasingly important role in safeguarding the nation's healthcare facilities for several reasons:

- Technology brings new efficiencies to security programs that can lower cost.
- HSS Security Incident Management Software (SIMS) facilitates greater understanding of security incidents and provides faster, customized customer reporting.
- Officers use their mobile handheld devices to file incident reports, access information such as facility orders and BOLOs more quickly, and test security equipment and automatically log results.
- Video surveillance and analytics monitoring of parking lots and grounds supplements external patrols and extends the security presence beyond facility doors.

Integrated Physical and Electronic Security

HSS Systems Integration can do it all, from expert design and engineering to installation, monitoring, maintenance, and repair. They set up systems so that they are easy to use and make sure the customer's staff are comfortable using them. As the customer's physical security services provider, HSS ensures that technology effectively supports the customer's security personnel.

An ecfirst Case Study: INeTU & HIPAA Compliance

INetU

What is INetU?

INetU is a hosting solutions and services company. It follows a customer-centric approach to providing hosting services, which also includes assistance in designing, implementing, proactively monitoring and supporting the customer's environment, as well as assisting with security, compliance, disaster recovery and performance plans.

The INetU data centers are designed and managed with security and compliance in mind, which ties directly to the customer's goals as a healthcare organization. They undergo independent audits and retain SOC3 and TRUSTe certification while practicing end-to-end security and compliance controls for their facilities, networks, servers and software.

The INetU Healthcare Solution includes:

- Security Operations Center (SOC)
- HIPAA Compliance Security Services
- HIPAA Compliance Dashboard
- Healthcare application support expertise

Why INetU?

INetU has over 17 years of experience hosting HIPAA compliant healthcare applications and has invested considerably to help its clients comply with all facets of the healthcare industry when it comes to application hosting. With the INetU cloud environment, healthcare organizations can more quickly ensure HIPAA compliance without having to outlay huge capital investments in technology and manpower. Trained experts at INetU can act as trusted advisors to customer operations.

Features

Security Operations Center (SOC)

INetU supplies the expertise as well as the compliance capabilities. INetU has formed a SOC made up of a team of experts in security to engineer, implement and maintain the security services around the clock.

Sensitive data and complex hosting often go hand in hand. Hence INetU is involved in security and compliance hosting and has a team of experts (CISSPs, CISAs) to engineer, implement and maintain its security services around the clock, ready to respond at a moment's notice.

Security As A Service

"Set it and forget it" is not the right approach, but sadly it is the norm for security among Cloud hosters. The INetU SOC team keeps an eye on security so customers only have to worry about the security of their code and nothing else when they sign up for the INetU Security Suite. The SOC is the brains behind the tools that are keeping customers' sites secure. Experienced security experts review the SIEM logs and let customers know if there is anything to be concerned about, and they keep an eye on any anomalies detected by the IPS/IDS and Application Traffic Firewall. When customers implement File Integrity Monitoring, these experts are the ones who respond to any concerning alerts.

INetU Security Suite Managed By The Security Operations Center (SOC)

The INetU Managed Security Suite gives customers the protection they need while helping them meet compliance and regulatory requirements such as PCI and HIPAA. INetU's Security Suite works across all types of environments including Dedicated Servers, Private Clouds, INetU's Public Cloud, and even Hybrid Clouds. Customers have just one suite of products and one portal to manage them through, no matter how complex their environment is.

The Security Suite is designed to be used together to provide multiple layers of defense against attackers. This is a concept known as "Defense in Depth": even if an attacker manages to get through one layer, there are still several more layers of defense to keep the customer's data and applications safe.

Application Traffic Firewall

The INetU Security Operations Center watches for any signs of unusual activity on the customer's protected site. In addition, Imperva's Application Defense Center (ADC) is constantly researching new attacks and vulnerabilities on the Internet and working to improve the WAF's ability to protect customers from them.

INetU's Application Traffic Firewall solution meets the requirements set forth in PCI DSS Section 6.6 and is a component of the implied requirement of Security Best Practices under HIPAA 164.306(a).

Dual Factor Authentication

Dual Factor Authentication goes one step further and requires customers to enter a code from a physical device in their possession in order to access their systems and Client Center at INetU. INetU's dual factor authentication service is available as either a USB key or an app for the customer's smartphone so that all users can take advantage of this important security enhancement.

INetU's dual factor authentication meets the requirements set forth in PCI DSS Section 8.3 and is a component of the requirements of HIPAA 164.312(d).

Log Monitoring & Review

With INetU, log monitoring and review collects detailed log information from the servers and devices in the customer environment. These logs can be essential for detecting attempted security breaches, misused accounts, and even non-security related problems.

INetU's SIEM solution meets the requirements set forth in PCI DSS section 10.6 and is a component of the requirements of HIPAA.

File Integrity Monitoring

File Integrity Monitoring (FIM) ensures that customers know if critical system or application files are replaced or modified. It's an extra layer of defense to ensure that they know quickly if their system has been compromised.

INetU's FIM solution meets the requirements set forth in PCI DSS section 11.5.

Firewalls & VPNs

Every solution at INetU is protected by a firewall with SSL VPN capability to allow remote users to administer servers seamlessly while protecting their environment by locking down remote access to authorized individuals.

INetU's firewall solution meets the requirements set forth in PCI DSS sections 1.1.3, 1.14, and 1.3.6. It's also a component of the implied requirement of Security Best Practices under HIPAA 164.306(a).

Intrusion Detection System (IDS) / Intrusion Prevention System (IPS)

An Intrusion Detection System watches the traffic coming in and out of the customer environment for signs of an attack, notifying both the customer and INetU the moment it sees anything out of the ordinary. An Intrusion Prevention System takes that one step further and stops the potential attack in its tracks.

INetU's IDS/IPS solution meets the requirements set forth in PCI DSS Section 11.4.

Vulnerability Scanning

INetU provides two types of vulnerability scanning: internal and external. External vulnerability scanning attempts to find weaknesses from the public internet. Internal vulnerability scanning looks for potential weaknesses from inside the customer firewall to ensure that everything is secure even if an attacker manages to find a way into the environment.

INetU's vulnerability scanning solution meets the requirements set forth in PCI DSS Sections 11.2.1, 11.2.2, and 11.2.3.

Compliance & Audits

INetU's SOC is experienced in working with auditors to make sure they get the information they need to be comfortable that the customer project is hosted in a secure and reliable environment. They have their SOC3 in Security, SSAE 16 Type II, PCI DSS Level 1 Certification and more across four global data centers.

HIPAA Compliance Dashboard

The INetU HIPAA Compliance Solution includes the HIPAA Compliance Dashboard. The dashboard provides high-level and detailed views of the required HIPAA activities and procedures. Customers and their assigned INetU SOC can work together to assess their HIPAA compliance status for each item in the dashboard, understand any areas of non-compliance and address them as needed.

HIPAA Compliance Security Services

INetU provides these basic capabilities and more, all of which should be considered as part of the customer's compliant environment to ensure a secure HIPAA compliant cloud infrastructure:

- Network Firewall
- Web Application Firewall (WAF)
- Intrusion Prevention System (IPS) and Intrusion Detection System (IDS)
- Device Hardening
- Virus Protection
- File Integrity Monitoring (FIM)
- Security Information and Event Monitoring (SIEM)
- Offsite Database Backup
- Database Backup Encryption
- External Vulnerability Scanning
- Internal Vulnerability Scanning
- Dual Factor System Authentication
- Multi-Factor Facility Authentication

Bottom-line Checklist

Features/Capabilities    Lunarline    INetU    HSS
FedRAMP                  Yes          No       No
HIPAA Compliance         Yes          Yes      Yes
Privacy Service          Yes          Yes      Yes


Corporate Office
295 NE Venture Drive
Waukee, IA 50263
Toll Free: 877.899.9974 x17
Phone: 515.987.4044 x17
Fax: 515.978.2323
www.ecfirst.com