Solved

Is Bellsouths DSL Modem HIPAA compliant? Where can I find that information?

Posted on 2008-09-30
2
919 Views
Last Modified: 2013-12-14
I have a guy refusing to put a Firewall on a DSL Line. He says the DSL modem has a built in Firewall that is sufficient and HIPAA compliant.

Is this true and where can I find that information?
0
Comment
Question by:aando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 

Accepted Solution

by:
irievt2005 earned 300 total points
ID: 22610611
It is true that the Bell South DSL modems made by Westell (models 2100, 2200, and 6100) do have the NAT (network address translation) and firewall capabilities of most consumer-grade gear.  The NAT feature and internal firewall protect your network by hiding all unused ports and making it more difficult for an attacker to find an access individual computers on your network.  

While the modem's firewall probably meets the qualitative requirements of the HIPAA legislation, it is highly unlikely that the device is certified as HIPAA-compliant.  As I'm sure you're aware, the HIPAA regulations are quite ambiguous and as a result only a handful of companies are willing to certify a device as compliant.  Unfortunately, since the entire liability for HIPAA non-compliance is assigned to the health care provider, it would be wise to consult with an attorney to determine whether using this modem as a firewall is sufficient.  

As far as your extra firewall (should you and your attorney find it to be necessary), the internal firewall should be disabled prior to installation.  This is done by logging into the router and assigning the new firewall as the DMZ host.  You can access the modem's configuration page by surfing to http://192.168.1.254 on a connected device.  Once there, click on the "Home Network" box at the top and then "IP Passthrough" to the right.  Select the firewall from the menu and apply changes.
0
 
LVL 20

Assisted Solution

by:ElrondCT
ElrondCT earned 200 total points
ID: 22614133
While the DSL modem probably has an incoming firewall that would meet any requirements, it exercises no control over outgoing connections. Anyone who is concerned about HIPAA compliance should have a firewall on the computer that verifies that programs requesting Internet access are legitimate. I use and recommend ZoneAlarm (www.zonealarm.com), but there are others, both paid and free. (Note that the firewall built into Windows doesn't provide this level of protection.) This protects against a virus-type program getting on your system and surreptitiously sending out data from your system.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
Cable Modem Provisioning from DPoE compliant server  This Article is to support CMTS administrators to provide an overview of DOCSIS compliance configuration file, and to provision a cable modem located at customer place from a Back office serve…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question