Web Security Setup


Become HIPAA compliant:

The rules also apply to XM local system and XM cloud system and providers who conduct electronic health-related transactions. The Privacy Rule requires that SB company put safeguards in place to protect patients' privacy on company equipment. The safeguards must shield their PHI:

I. FIPS 140-2 Level 3 compliant:

All confidential data (ePHI) data in cloud environments must be always encrypted with RSA-HSM (or EC-HCM) protected column master encryption keys;

SB will rotate encryption keys on an annual basis, and will coordinate the schedule with DOH;

All ePHI data-transfer (between facilities and datacenters) must be over SSH with SSL certificate stored on the key-valt of SB company;

Each XM device must have its SSL certificate based on device serial number, and the expiration of the SSL certificate should be equal to the expiry of the subscription.

The SB company will rotate SSL certificate on an annual basis, and will coordinate the schedule with client’s subscription.

Only team members of the SB Encryption Services (SES) can have access to perform key management operations, such as create, rotate, retire, revoke, etc.

For Hight level security facilities such as US DOH (USA department of helth) our system must provide following abilities:


DOH Encryption Services (DES) team will have sole administrative access to the SB party Key Vault to perform key management tasks;

DES team needs audit logging of the Key Vault to ensure access is not granted to any users other than the DES team, and access is not removed from DES members.

DOH will receive notifications to dl-keysecure@[login to view URL] if any permissions do change.

DOH keys must be generated and exported from the DOH KeySecure.

DOH keys must be loaded into the SB party’s Azure Key Vault to share read-access of the key.

Steps for Key Creation:

DOH DES will create an RSA-HSM (or EC-HCM) key within DOH KeySecure appliance—residing on premise;

The DES team will wrap the created key with a public key from SB and import the key into the SB party key vault.

The SB party will use the imported key to encrypt and decrypt ePHI data that resides in the SB cloud.

Compliance with FDA regulations:

I. FDA 510(k) clearance compliance with current Medical Imaging & Technology Alliance (MITA) radiation dose management standards.

II. Reports for Radiation Emitting Electronic Products

Base on business requirements, HIPAA and FDA regulations we need to create architectural design of PROD system in MS Visio file.

Квалификация: .NET, Azure, Программирование на C#, Криптография, Безопасность сети

Показать больше web security tutorial, web security basics, website security godaddy, introduction to web security, godaddy website security setup, what is web security, website security basic godaddy, mimecast web security setup, create web application setup without, web design setup, windows server web smtp setup, ajitabh web services setup, sugarcrm web lead setup, webmin apache web server setup, windows server web dns setup, centos server security setup, ebook web store setup, users security setup sharepoint, web page setup, hylafax web server setup

О работодателе:
( 1 отзыв ) Indore, India

ID проекта: #19695656

3 фрилансеров(-а) в среднем готовы выполнить эту работу за $302


Hi there! May Peace Be Upon You !! I am a Certified Ethical Hacker and Pen Tester. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. @Certified at Windows Sec Больше

$350 USD за 3 дней(-я)
(8 отзывов(-а))

Hello, i am Cyber Security Expert and can help you in Base on business requirements, HIPAA and FDA regulations we need to create architectural design of PROD system in MS Visio [login to view URL] me Thank you

$333 USD за 8 дней(-я)
(12 отзывов(-а))

Hello Sir, I am Linux Windows and Network administrator with CCNA (Cisco Certified Network Associate) CCNA Security certified, I can Install your whole network with security. message me for further queries. Regards Больше

$222 USD за 7 дней(-я)
(0 отзывов(-а))