Wireless Assessment

Healthcare organizations are rapidly deploying mobile computing capabilities across the infrastructure. From the perspective of regulations such as HIPAA Security as well as to ensure resilience in the infrastructure, organizations need to regularly evaluate their wireless architecture and configurations to identify points of exposure. For example, this includes locating unauthorized access points which may be rogue devices that can be exploited.

Activities typically conducted to identify wireless vulnerabilities include:

• Examine the wireless access point configurations and compare them against recommended security practices
• Locate wireless traffic leaking from your site
• Verify signal visibility and strength in public areas inside buildings
• Determine the type and strength of encryption algorithms used
• Analyze the authentication algorithms used for access points and other wireless components

On a regular schedule, you need to conduct a wireless security assessment to:

• Identify unauthorized access points, and mis-configuration of wireless components
• Prioritize specific recommendations for strengthening security configurations of wireless components
• Analyze wireless security policies and practices against industry best practices for your wireless network infrastructure

Your objective must be to ensure that your wireless infrastructure is not the weak link in the overall security of your organization.

To discuss your wireless security assessment, you can schedule time with compliance and security expert Ali Pabrai, CISSP, CSCS. Contact Nazeela.Shokrai@ecfirst.com to schedule a conference call to review your wireless and security priorities and what others like you may be doing in the healthcare industry.

Need HIPAA E-learning Courseware?

For a free e-learning demo of ecfirst courseware in the areas of Professional Compliance, Corporate Compliance, HIPAA Compliance, Research Compliance, Accreditation or Quality Improvement , please contact Nazeela Shokrai, Business Development Associate at Nazeela.Shokrai@ecfirst.com .

For more information visit www.aha-solutions.org , contact Lorna Waggoner at 1.877.899.9974 x17 or visit www.HIPAAAcademy.net

HIPAA Tip

AUDITSHIELDâ„¢ PROGRAM LAUNCHED BY ECFIRST

Starting in 2008, CMS is initiating a sincere audit effort. It has been reported that CMS will begin audits by reviewing 10 to 20 hospitals in the next nine months for compliance with the HIPAA Security Rule. Is your organization ready for a HIPAA Security audit? The ecfirst AuditShieldâ„¢ Program provides immediate expertise that your organization can engage to manage all activities including communication and development of critical documentation to help you address audit requirements.

The audit process can consume valuable time and resources of key professionals and management in your organization. HIPAA Security Audits are a new phenomena and the announcement of an audit process involving your organization may cause undue stress, anxiety, and huge amounts of misguided effort. Organizations also may lack the expertise required to manage the audit process.

ecfirst can help . ecfirst will not only provide immediate resources to respond to queries but also assist you in streamlining processes so your organization can address this challenge and be on the path to complete compliance. To learn more about the ecfirst AuditShieldâ„¢ service, please visit www.ecfirst.com or contact Nazeela Shokrai at Nazeela.Shokrai@ecfirst.com .

CSCSâ„¢ PROGRAM

GET CERTIFIED. GET AHEAD. Register now for the CERTIFIED SECURITY COMPLIANCE SPECIALISTâ„¢ ( CSCSâ„¢ ) program being delivered at:

• Des Moines, Iowa, June 4-5, 2008
• Phoenix, Arizona, July 16-17, 2008

To attend the only certification program in the industry that addresses PCI DSS, ISO, HIPAA, FISMA, and other information security regulations, please visit the web-site, www.ecfirst.com , and click on the CSCSâ„¢ Program.