Solved

Is Bellsouths DSL Modem HIPAA compliant? Where can I find that information?

Posted on 2008-09-30
2
908 Views
Last Modified: 2013-12-14
I have a guy refusing to put a Firewall on a DSL Line. He says the DSL modem has a built in Firewall that is sufficient and HIPAA compliant.

Is this true and where can I find that information?
0
Comment
Question by:aando
2 Comments
 

Accepted Solution

by:
irievt2005 earned 300 total points
ID: 22610611
It is true that the Bell South DSL modems made by Westell (models 2100, 2200, and 6100) do have the NAT (network address translation) and firewall capabilities of most consumer-grade gear.  The NAT feature and internal firewall protect your network by hiding all unused ports and making it more difficult for an attacker to find an access individual computers on your network.  

While the modem's firewall probably meets the qualitative requirements of the HIPAA legislation, it is highly unlikely that the device is certified as HIPAA-compliant.  As I'm sure you're aware, the HIPAA regulations are quite ambiguous and as a result only a handful of companies are willing to certify a device as compliant.  Unfortunately, since the entire liability for HIPAA non-compliance is assigned to the health care provider, it would be wise to consult with an attorney to determine whether using this modem as a firewall is sufficient.  

As far as your extra firewall (should you and your attorney find it to be necessary), the internal firewall should be disabled prior to installation.  This is done by logging into the router and assigning the new firewall as the DMZ host.  You can access the modem's configuration page by surfing to http://192.168.1.254 on a connected device.  Once there, click on the "Home Network" box at the top and then "IP Passthrough" to the right.  Select the firewall from the menu and apply changes.
0
 
LVL 20

Assisted Solution

by:ElrondCT
ElrondCT earned 200 total points
ID: 22614133
While the DSL modem probably has an incoming firewall that would meet any requirements, it exercises no control over outgoing connections. Anyone who is concerned about HIPAA compliance should have a firewall on the computer that verifies that programs requesting Internet access are legitimate. I use and recommend ZoneAlarm (www.zonealarm.com), but there are others, both paid and free. (Note that the firewall built into Windows doesn't provide this level of protection.) This protects against a virus-type program getting on your system and surreptitiously sending out data from your system.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Internet access for my laptop 5 148
VPN and bonded ADSL 4 193
Recommendations for Cheap Small Gigabit Router 9 146
Azure site to site VPN with dynamic IP Addess 2 260
    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question