John,

There is no HIPPA certification for a broadband connection. HIPPA is an overall concept to have a medical intity secure it's customer records. This is a configuration of its internal network, security devices, and security policies, not the broadband connection itself. Any broadband connection can be made HIPPA compliant with the right Firewall/VPN devices between the customer and your broadband. HIPPA is a catch word that our competitors use to draw attention away from using wireless providers, but there is no reason a wireless provider/connection can not be HIPPA compliant any more than any other commodity broadband connection. What really happens is that if you are not knowledgeable enough on HIPPA to know that you comply, than your not knowledgeable enough on HIPPA to be the trusted advisor to bring broadband to the client. I can tell you that MOST companies that need to be HIPPA compliant have no idea what it means to be compliant, and they rely on a consultant to tell them how to comply. And I can tell you that htat individual probably has a provider that he resells for and gets an agent commission from, and there fore stere's business from you.

As mentioned at this year's ISPCON CEO Session, the HIPPA compliance manual is about 3 inches thick, and thats hard to sum up in a few words. And most of it won't apply to making your service HIPPA compliant. What's important is that your service is beneficial to Hospitals and Doctors, because of its potential to offer higher speed circuits, and higher reliabilty or redundancy, and should be included as viable solutions for hospitols to consider.

My advice is to partner with a consulting company that offers HIPPA compliant consulting services to hospitols and doctors, and make sure they know who you are, and recommend your service. These are some of the reasons that we started an agent program, it was tough getting through the gatekeepers, and not having the opportunity to service because of false pre-mature conclusions made by the decission makers.

If you allow a hospitol to install a VPN/Firewall on their LAN between you and them, your service is HIPPA compliant. It becomes their burden to encrypt and secure data. People tend not to use the latest technology only because they fear it, because they do not know everything they need to know to be an authority on the effect of change.

We advertise our broadband as HIPPA compliant, and sell to hospitols and doctors offices.

I know my answer probably doesn't help answer your intial questions on exactly how the custoemr becomes HIPPA compliant.

Whats Ironic about this is that prospects will for some reason think a commodity Verizon ADSL service is more secure and HIPPA compliant than a wireless circuit. The key is to sell your service as Broadband to get in the door, and then make them understand that it is not a open wifi cloud like the hot spot down the street at starbucks. Unless that is what you are trying to sell them, which would require that you add some basic security. Just make sure your connection is Outside their firewall appliance, so the customer is empowered to secure their network..


Tom DeReggi
RapidDSL & Wireless, Inc
IntAirNet- Fixed Wireless Broadband


----- Original Message ----- From: "John Scrivner" <[EMAIL PROTECTED]>
To: <wireless@wispa.org>
Sent: Monday, November 27, 2006 5:16 PM
Subject: [WISPA] Wireless Security biting you in the ass?


Wireless broadband security issues have now officially led to my business being put into a bad light due to perceived lack of security. I am a member of a regional broadband planning group that is working with health care and other industry sectors to help deliver broadband options to all areas that need it. Rural Health centers and hospitals are all over the region and most need access to broadband which is highly secure. I need to know what others have done to bring HIPAA compliance assurance to network administrators and hospital personnel so that your solutions are chosen and used for health care connectivity. Currently my services are not being considered do to the perception of a lack of HIPAA security compliance. I need to get on top of this right now and welcome your thoughts and ideas. I would prefer to hear from those of you who have some actual knowledge of delivering HIPAA compliant connections or those who provide equipment which has been documented to meet HIPAA compliance.
Thank you,
John Scrivner

--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/

--
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/

Reply via email to