Security Basics mailing list archives

Healthcare Standards and Regulations

From: Jason Kolpin <jasonk () ncat org>
Date: Wed, 14 Apr 2010 16:22:13 -0600

Hello!

I have been approached by a small medical practice to build aninfrastructure from the ground up. After some research I decided I knewnothing about best practices and such in this environment, these folksare in a rural area and have no clue who to contact, I am at a loss aswell other than a big company like Seimans or something. It would begreatly appreciated if anyone on this list knew of a place where I couldget some solid information on this subject, refer these folks to acompany that does this sort of thing, or offer some advice for asituation such as this. It's not like I am completely cluelessconcerning server setup and stuff like that, I work IT, I am moreinterested in security related information such as typical physicallayout for the network, IE firewalling and data/service separation issues.


Excuse my ignorance here as this is completely new to me.

I have been asked about LIS, RIS, PM, patient records server,scheduling/calendar, billing, email server, domain controller, VPN fromtwo locations and some more. I'm just looking for some simple "stickman" drawings of a typical physical layout using this type of stuff, aswell as a place I might go to find out about required/mandated policiesand such, and even a few hints on policies you may know that you findimportant in a situation such as this.

FYI I have already informed these people I am not the man for the job asthe risk is too great for me should something bad happen but they areprobably going to use me as a consultant, they have no IT staff and arecompletely clueless about how the simplest of things work.

I know this is a lot to ask of a mailing list so no surprise if I get noresponse.


--
Jason Kolpin
Web Specialist
National Center for Appropriate Technology
www.ncat.org



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Healthcare Standards and Regulations Jason Kolpin (Apr 15)
- Re: Healthcare Standards and Regulations John Morrison (Apr 15)
  - Re: Healthcare Standards and Regulations Jason Kolpin (Apr 15)
    - RE: Healthcare Standards and Regulations Mattias Baecklund (Apr 16)
    - Re: Healthcare Standards and Regulations John Morrison (Apr 16)
    - Re: Healthcare Standards and Regulations Jason Kolpin (Apr 16)
    - RE: Healthcare Standards and Regulations Brenda C. Henderson (Apr 16)
    - Re: Healthcare Standards and Regulations Caspian (Apr 19)
    - Message not available
    - RE: Healthcare Standards and Regulations Barbara L. Filkins (Apr 16)
  - Re: Healthcare Standards and Regulations John Williams (Apr 15)