HIPAA and Beyond: How to Effectively Safeguard Electronic Protected Health Information

HIPAA lacks the depth and breadth on which to build an information security program as it takes a myopic view of security and privacy with Protected Health Information (PHI) being the center of its universe. But there is much more to information security than PHI. Healthcare organizations must look beyond HIPAA and take a global view of their infrastructure because while HIPAA is a static regulation, healthcare organizations exist in a dynamic IT world with new threats coming about daily. When HIPAA first came out, vulnerability assessments, patching and configuration remediation were only typically performed quarterly at best. Now with zero-day threats, lack of a defined network perimeter and focus on information protection, the need for real-time patching and proactive endpoint and data protection is a basic requirement. Read this whitepaper to learn how to use HIPAA as the starting point for your security program, and then using best practices and Lumension solutions to improve your overall security posture.