HIPAA Assessments and Network Access

[Doug Sandford <dsandfor () SEEBECK UA EDU>]

Apologies for the rather broad subject area(s). I know these items
have been discussed in the past, but am looking for some more recent
experiences/recommendations.

Have any of you brought in consultants to perform the full range of
compliance checks necessary for HIPAA compliance, ie, Risk
Assessment, policy and function creation, etc? Your recommendations
would be welcomed.

Additionally, we are interested in a solution (such as Perfigo or one
of the others) that would enable us to check computers as they are
attached to our network for current Windows patches, virus software
and updates, etc. SUS is certainly a partial answer but requires that
we get our hands on each machine. Again, any recommendations,
successes or horror stories will be welcome.

Thanks in advance....




Doug Sandford
Information Security Officer
University of Alabama
Seebeck Computer Center
doug () ua edu

This email is intended only for the person to whom it is
addressed.  Any review or other use of this information by
persons or entities other than the intended recipient or any
retransmission without the consent of the sender is prohibited.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.