Solved

Is Bellsouths DSL Modem HIPAA compliant? Where can I find that information?

Posted on 2008-09-30
2
905 Views
Last Modified: 2013-12-14
I have a guy refusing to put a Firewall on a DSL Line. He says the DSL modem has a built in Firewall that is sufficient and HIPAA compliant.

Is this true and where can I find that information?
0
Comment
Question by:aando
2 Comments
 

Accepted Solution

by:
irievt2005 earned 300 total points
ID: 22610611
It is true that the Bell South DSL modems made by Westell (models 2100, 2200, and 6100) do have the NAT (network address translation) and firewall capabilities of most consumer-grade gear.  The NAT feature and internal firewall protect your network by hiding all unused ports and making it more difficult for an attacker to find an access individual computers on your network.  

While the modem's firewall probably meets the qualitative requirements of the HIPAA legislation, it is highly unlikely that the device is certified as HIPAA-compliant.  As I'm sure you're aware, the HIPAA regulations are quite ambiguous and as a result only a handful of companies are willing to certify a device as compliant.  Unfortunately, since the entire liability for HIPAA non-compliance is assigned to the health care provider, it would be wise to consult with an attorney to determine whether using this modem as a firewall is sufficient.  

As far as your extra firewall (should you and your attorney find it to be necessary), the internal firewall should be disabled prior to installation.  This is done by logging into the router and assigning the new firewall as the DMZ host.  You can access the modem's configuration page by surfing to http://192.168.1.254 on a connected device.  Once there, click on the "Home Network" box at the top and then "IP Passthrough" to the right.  Select the firewall from the menu and apply changes.
0
 
LVL 20

Assisted Solution

by:ElrondCT
ElrondCT earned 200 total points
ID: 22614133
While the DSL modem probably has an incoming firewall that would meet any requirements, it exercises no control over outgoing connections. Anyone who is concerned about HIPAA compliance should have a firewall on the computer that verifies that programs requesting Internet access are legitimate. I use and recommend ZoneAlarm (www.zonealarm.com), but there are others, both paid and free. (Note that the firewall built into Windows doesn't provide this level of protection.) This protects against a virus-type program getting on your system and surreptitiously sending out data from your system.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now