CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Request a Demo

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Request a Demo
Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Global researchers, ethical hackers, and responders
Trustwave Fusion Security Operations Platform
Unprecedented security visibility and control
Trustwave Security Colony
Access to cybersecurity threat protection resources
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP
BY MANDATE

HIPAA

Any U.S. organization maintaining or transmitting electronic protected health information, commonly known as ePHI, must comply with the Health Insurance Portability and Accountability Act (HIPAA).

A Prescription for Security & Privacy

HIPAA established rules around protecting the security and privacy of sensitive patient data. Trustwave can help you respond to the regulation's guiding principles of confidentiality, integrity and availability of electronic protected health information (ePHI).

HIPAA: Fast Facts and Consequences

Checkmark_Red_Dot_White_Icon

HIPAA features three components related to data protection: the Security Rule, the Privacy Rule and the Breach Notification Rule.

Checkmark_Red_Dot_White_Icon

The maximum civil fine is $50,000 per violation, up to a maximum of $1.5 million per violation category, with the Office of Civil Rights within the U.S. Department of Health and Human Services collecting some $20 million in fines and settlements in 2017.

Checkmark_Red_Dot_White_Icon

HIPAA requires "covered entities," which include hospitals, pharmacies, group health plans and individual provider offices, and their third-party "business associates" to deploy technical controls to prepare for audits and protect sensitive ePHI.

Checkmark_Red_Dot_White_Icon

The HITECH Act of 2009 is a distinct law from HIPAA, but the two overlap and reinforce each other in certain ways.

RESEARCH REPORT

2020 Trustwave Global Security Report

The 2020 Trustwave Global Security Report is a window into the latest developments in the world of cybercrime. Download your complimentary copy here.

Eye Risks. Close Holes. Get Secure.

tw-scanner2

Prioritize Your Efforts

Customizable assessments, scaled for covered entities and business associates, helps you identify safeguards necessary to meet HIPAA compliance by locating gaps that may exist between your current security posture and the requirements.

tw-managed-portal

Address Gaps and Vulnerabilities

The Trustwave HIPAA Compliance Readiness Service helps you confront your HIPAA compliance gaps so that specific risks can be categorized, quantified and addressed.

tw-money

Safeguard Patient Data

Count on Trustwave to guard your infrastructure, networks and data by building a defense-in-depth security strategy automated and managed through our cloud-based Trustwave Fusion platform.

tw-laptop-data

Empower Decision Making

Our consultants pre-assess your compliance to identify the degree of conformity that your organization displays relative to the Omnibus Rule, which implements several provisions of the HITECH Act.

Services

HIPAA requires covered entities and their business associates to deploy technical controls to safeguard patient data and submit to audits. We enable your teams to make the most of technologies, protect against malicious attackers and maintain regulatory compliance through automated and managed security solutions.

Managed Security Technologies

Establish a first-line of defense with Secure Email Gateway, Intrusion Prevention and Detection System, Next Generation Firewall and Web Application Firewall.

Security Awareness Education

Offer your staff, from the C-suite to developers to the rank-and-file, the cloud-based tools they need to help protect your data.

Managed Security Testing

Conduct scanning and penetration testing across your databases, networks and applications to reveal vulnerabilities.

Database Security

Discover, assess and report on misconfigurations, improper access controls and other weaknesses within databases.

Threat Detection and Response

Leverage our SOC experts to detect threats with log collection and SIEM services, and monitor your endpoints to identify advanced threats.

Threat Hunting

Probe deep into your network using cyberthreat intel, behavioral analytics, anomaly detection and deep-dive forensic analysis to identify ongoing attacks.

Digital Forensics and Incident Response

Determine quickly the source, cause and extent of a breach – and then contain, eradicate and investigate the incident, or get proactive by solidifying your response before a security event occurs.

Custom Engagements

Augment your capabilities with more specialized and actionable counseling, including our Threat Detection and Response Consulting (TDR Consulting) practice and SpiderLabs Red Teaming.

Additional Resources