Home

  • Home
    • » e-Newsletters

Tip: Protect your electronic perimeter with a firewall policy

EHR Connection, October 27, 2008

 A firewall policy describes the management of an organization’s firewalls and other perimeter security devices. It helps ensure that management of these critical security devices includes appropriate oversight and controls. 

Ensure greater security of your confidential data by addressing these areas of concern in your firewall policy: 
  • Access control, including administrative access, access control lists, remote access, and physical security
  • Change management, including request protocol and response, firewall rule review and changes, and production review
  • Configuration management, including version control, security hardening, and vulnerability monitoring
  • Logging and alerting, including periodic risk assessment, audit logs, audit log reviews, audit log retention, access to audit logs, and alerts
  • Contingency planning
  • Architecture
  • Firewall banners 
This tip is from The No-Hassle Guide to HIPAA Policies: A Privacy and Security Toolkit published by HCPro, Inc.

Most Popular