Security Basics mailing list archives
HIPAA and endpoint certification
From: "Jarrod Frates" <jfrates.ml () gmail com>
Date: Fri, 23 Feb 2007 16:46:48 -0800
I need to get some clarification on the requirements regarding certification of endpoints in transmission of HIPAA material. As part of a wireless project that is beginning soon, we're evaluating the various EAP types available to us regarding practicality, support availability, and (of course) regulatory compliance. While we're planning on using only EAP types that require a server-side certificate at a minimum, are there any requirements for the client side? It is my understanding that we have to know *who* is connecting to the network, but is a client-side certificate required for this purpose, or is it sufficient to authenticate against a user database of some sort? Any references to specific code (even at a section level) would be greatly appreciated. -- Jarrod Frates GAWN --------------------------------------------------------------------------- This list is sponsored by: BigFixIf your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix.
http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
Current thread:
- HIPAA and endpoint certification Jarrod Frates (Feb 26)
- RE: HIPAA and endpoint certification Eggleston, Mark (Feb 26)
- Re: HIPAA and endpoint certification Jarrod Frates (Feb 26)
- RE: HIPAA and endpoint certification Eggleston, Mark (Feb 26)