
Legislative summary
The United States Health Insurance Portability and Accountability Act (HIPAA) mandates the privacy and security of personal health information from the various threats and vulnerabilities associated with information management. The Security Rule of the act recommends information security best practices to protect personal information. The goal of the Security Rule is to ensure the confidentiality, integrity and availability of personal health information. As it relates to web application security, HIPAA requires applicable organizations to perform a HIPAA security risk assessment to determine what applications and data are vulnerable, to ensure proper authentication, access control and logging systems, and to conduct ongoing auditing of information systems to test for newly discovered vulnerabilities. Web application security assessments should be used as part of the initial HIPAA compliance software program to show where your organization stands with security of personal health information.

HP Application Security Center capabilities
- Assess your web applications for vulnerabilities that may result in the disclosure of sensitive or private medical information
- Verify that web application access to sensitive information is controlled by authentication and authorization
- Identify web application command injection vulnerabilities that may execute malicious code or programs
- Verify that links to privacy policies exist at appropriate places in your web applications
- Get detailed security assessment reports categorized by HIPAA sections

PLEASE NOTE: This information is provided for informational purposes only. You should not rely on, take or fail to take any action based upon the enclosed information. The information on this Site is provided with the understanding that the authors and publishers are not herein engaged in rendering legal, accounting, tax, or other professional advice and services. As such, it should not be used as a substitute for consultation with professional accounting, tax, legal or other competent advisers. Future legislative amendments and/or your company's special circumstances may necessitate significant revisions to this information. Given the changing nature of laws, rules and regulations, and the inherent hazards of electronic communication, there may be delays, omissions or inaccuracies in information contained in this site and in HP software.