{"id":92397,"date":"2024-10-26T12:22:36","date_gmt":"2024-10-26T04:22:36","guid":{"rendered":"https:\/\/version-2.com\/?p=92397"},"modified":"2024-10-14T12:25:46","modified_gmt":"2024-10-14T04:25:46","slug":"how-firewalls-support-hipaa-compliance-best-practices-for-healthcare-providers","status":"publish","type":"post","link":"https:\/\/version-2.com\/en\/2024\/10\/how-firewalls-support-hipaa-compliance-best-practices-for-healthcare-providers\/","title":{"rendered":"How firewalls support HIPAA compliance: best practices for healthcare providers"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"92397\" class=\"elementor elementor-92397\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-35fe5dd post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"35fe5dd\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;cef08c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-409a2e9a\" data-id=\"409a2e9a\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a8be8f elementor-widget elementor-widget-text-editor\" data-id=\"5a8be8f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-medium\" src=\"https:\/\/content.nordlayer.com\/uploads\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png\" width=\"1000\" height=\"571\" \/><\/p><div class=\"Grid_item__8Wd1v Grid_col9Lg__IiDDJ BlogArticle_contentGrid__wDyG9\"><div class=\"BlogArticle_articleSummary__vUkIt\"><div class=\"ArticleSummary_markdownWrapper__admhj\"><p class=\"Text_text__rSWMU Markdown_paragraph__WNGcF ArticleSummary_paragraph__AmdWA Text_bodyColor__a5sZX\" data-testid=\"text\"><strong class=\"Markdown_strong__zgufl ArticleSummary_strong__PSecf\">Summary:<\/strong> Firewalls support HIPAA compliance by securing patient data. Discover how NordLayer helps healthcare organizations stay compliant.\u00a0<\/p><\/div><\/div><div id=\"section-1\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Healthcare providers and insurers handle more valuable personal data than any other organizations. Losing this data puts millions of patients at risk, which is why healthcare is also one of the most highly regulated sectors.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Regulations like the Health Insurance Portability and Accountability Act (HIPAA) protect our privacy from an army of cyber attackers. HIPAA recommends administrative and technical solutions to lock down patient data.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">There are many HIPAA requirements, ranging from preventing PHI disclosure to making health information available. Firewall barriers help meet requirements for <strong class=\"Markdown_strong__zgufl\">access control policies and role-based access<\/strong>.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">That\u2019s because firewall tools allow for the <strong class=\"Markdown_strong__zgufl\">implementation of granular network access<\/strong> <strong class=\"Markdown_strong__zgufl\">controls,<\/strong> which helps protect sensitive medical records and data from unauthorized access. Firewalls enable healthcare companies to benefit from digital environments and remote access while securing data and avoiding <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/violation-fines\/\">HIPAA penalties<\/a>.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">This article will explore what role firewalls play in achieving HIPAA compliance and suggest some best practices for <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/firewall\/configuration\/\">firewall configuration<\/a>. We will look at firewall risk assessments and help you lock down medical data.<\/p><h2 id=\"what-is-hipaa-compliance\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">What is HIPAA compliance?<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\"><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/what-is-hipaa-compliance\/\">HIPAA compliance<\/a> involves following security and <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/privacy-rule\/\">privacy rules<\/a> under the Health Insurance Portability and Accountability Act (HIPAA). This act is a body of regulations covering the healthcare sector in the United States, and non-compliance can result in significant penalties.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">HIPAA is a complex set of acts and regulations, but core aspects include:<\/p><ul class=\"SharedArticleMarkdownComponents_list__wACy0 SharedArticleMarkdownComponents_horizontalSpacing__3J8kD List_list__ue2mH\"><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Privacy.<\/strong> Organizations must safeguard the confidentiality of <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/protected-health-information\/\">Protected Health Information (PHI)<\/a> relating to patient identities and healthcare histories.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Security<\/strong>. Organizations must protect against data breaches and implement appropriate data protection and cybersecurity measures.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Assessment.<\/strong> Companies must allow access to patient records.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Portability<\/strong>. Patients must be able to change providers if desired.<\/div><\/li><\/ul><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Compliance requirements extend to <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/covered-entity\/\">covered entities<\/a> and <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/business-associate-agreement\/\">business associates<\/a>. Covered entities include direct healthcare organizations and insurers. Business associates are third parties with access to medical records. Examples include cloud storage providers or IT support companies.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Key takeaway: <strong class=\"Markdown_strong__zgufl\">HIPAA compliance is essential if your company handles or stores PHI.<\/strong><\/p><p data-testid=\"text\">\u00a0<\/p><\/div><div id=\"section-3\"><h2 id=\"the-importance-of-firewalls-in-hipaa-compliance\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">The importance of firewalls in HIPAA compliance<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Data protection is one of the core HIPAA requirements. Although HIPAA does not set out precise technical requirements, organizations can use any technical means to protect patient data.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">However, <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/firewall\/what-is-firewall\/\">Firewalls<\/a> usually play a critical role by <strong class=\"Markdown_strong__zgufl\">blocking unauthorized access and filtering data<\/strong> passing to and from network assets.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">A robust firewall enables healthcare organizations to <strong class=\"Markdown_strong__zgufl\">regulate who accesses digital PHI (ePHI).<\/strong> <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/firewall\/cloud\/\">Cloud-based firewalls<\/a> also <strong class=\"Markdown_strong__zgufl\">secure hybrid environments<\/strong> that host patient information or web assets.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Firewalls are not the <em>only<\/em> tools required to comply with the <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/hipaa\/security-rule\/\">HIPAA Security Rule<\/a>, but they are compliance essentials.<\/p><h2 id=\"features-of-a-hipaacompliant-cloud-firewall\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">Features of a HIPAA-compliant cloud firewall<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Every business should use firewalls in their security infrastructure, but not all firewalls suit healthcare organizations. Firewalls that contribute to HIPAA compliance must meet regulatory standards in various ways. Knowing where you stand is vital.<\/p><\/div><div id=\"section-4\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img decoding=\"async\" class=\"alignnone size-medium\" src=\"https:\/\/content.nordlayer.com\/uploads\/How_cloud_firewalls_support_HIPAA_compliance_2ba2db0b9d.png\" width=\"1400\" height=\"1031\" \/><\/div><\/div><div id=\"section-5\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Features of a suitable firewall include:<\/p><ul class=\"SharedArticleMarkdownComponents_list__wACy0 SharedArticleMarkdownComponents_horizontalSpacing__3J8kD List_list__ue2mH\"><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>Data encryption for patient information (at rest <em>and<\/em> in transit)<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/access-control\/what-is-access-control\/\">Access controls<\/a> and identity management to block unauthorized access to medical records<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>In-depth traffic analysis via <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/features\/deep-packet-inspection\/\">Deep Packet Inspection (DPI)<\/a> and Stateful Packet Inspection (SPI)<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>Real-time activity monitoring (inbound and outbound traffic)<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>Blocking viruses and malicious software<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/vpn\/what-is-vpn\/\">Virtual private network (VPN)<\/a> coverage<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/network-security\/network-segmentation\/\">Network segmentation<\/a> for confidential data<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div>Flexibility and the ability to scale safely<\/div><\/li><\/ul><h2 id=\"best-practices-for-using-firewalls-to-achieve-hipaa-compliance\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">Best practices for using firewalls to achieve HIPAA compliance<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Given the requirements above, what is the best way to set up a firewall that helps you meet HIPAA regulations?<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Implementations vary depending on the type and amount of PHI you handle. The best practices below apply to most HIPAA compliance situations and provide a solid foundation.<\/p><ul class=\"SharedArticleMarkdownComponents_list__wACy0 SharedArticleMarkdownComponents_horizontalSpacing__3J8kD List_list__ue2mH\"><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Secure inbound connections<\/strong>. Securing remote access or third-party network connections is a common pain point. Set inbound firewall rules to allow access to legitimate users. Add VPN protection for remote connections to shield traffic from external view.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Manage outbound connections<\/strong>. Configure outbound firewall rules to prevent unauthorized extraction of PHI.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Manage third parties securely<\/strong>. Many covered entities use business associates to process, store, or analyze data. Carry out risk assessments for all third-party access. Consider time-limiting third-party providers to minimize their contact with PHI.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Strategically position your firewall.<\/strong> Firewall rules should manage traffic to and from locations where you store or handle PHI. Assess PHI processing operations and position your firewall to filter inbound and outbound traffic.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Control access to firewall settings<\/strong>. Only approved administrators should have access to firewall controls. Be careful when assigning admin privileges. Apply brief escalation windows to scale back permissions if needed.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Protect PHI inside a secure zone.<\/strong> Secure zones are network segments containing HIPAA-covered health data. Configure firewall rules to filter traffic to and from these zones.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Implement threat responses<\/strong>. Plan how you respond to suspected data breaches or security gaps. Document firewall breaches and actions taken in response. Constantly update firewall rules to meet evolving cyber threats.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Create HIPAA firewall policies<\/strong>. Policies document firewall rules and how your firewall meets HIPAA obligations. Revisit policies annually to assess their effectiveness and make changes if needed.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Backup firewall rules and configurations<\/strong>. Create a secure storage zone for firewall configurations. Regular and secure backups allow you to restore security infrastructure following cyber attacks.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Maintain and review audit logs.<\/strong> Configure firewall logs to record access patterns. Retain logs for at least one year, according to HIPAA guidelines. Store logs in an accessible format and consult logs daily to detect incoming cyber attacks.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Schedule third-party HIPAA audits<\/strong>. Covered entities and business associates should arrange external audits to ensure HIPAA compliance. Audits should include robust firewall assessments. Implement recommendations promptly to resolve vulnerabilities.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Scan systems to detect weaknesses<\/strong>. Scan networks regularly using qualified internal resources or third-party services. Include firewall integrity in vulnerability scans, focusing on access to sensitive data.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Update firewall appliances and software regularly<\/strong>. Implement vendor-supplied updates as soon as they are available. Upgrade or replace software tools if vendors no longer support them. Audit tools annually to detect unsupported firewalls. Vendors may not inform users when products change.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Train staff to use firewalls<\/strong>. HIPAA compliance requires employee training. Programs should focus on handling patient data and preventing cyber threats. Firewall usage is a core component. Ensure staff understand <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/learn\/cloud-security\/what-is-cloud-security\/\">cloud security<\/a> protocols and tools and test knowledge and behavior annually.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Consider a managed firewall to cut costs.<\/strong> Smaller covered entities under HIPAA may struggle to protect patient information themselves. While firewalls\u2014whether hardware or software\u2014are typically provided by third-party vendors, choosing a managed firewall service adds an extra layer of support. For example, instead of setting up NordLayer\u2019s firewall directly and handling all configurations yourself, you could choose an MSP (Managed Service Provider). MSPs handle all firewall configurations and maintenance, which is ideal for organizations without the internal expertise or confidence to manage these technical safeguards.<\/div><\/li><\/ul><h2 id=\"carrying-out-a-firewall-risk-assessment\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">Carrying out a firewall risk assessment<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Risk assessments consider critical HIPAA compliance risks. They complement the best practices above by systematically assessing firewall setups according to HIPAA risks.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Never roll out firewall appliances without a thorough risk assessment. Risk assessments determine whether your firewall protects patient data while meeting operational needs and limiting costs.<\/p><\/div><div id=\"section-6\"><div class=\"ArticleImage_root__wPCMO BlogArticle_articleImage__BPrGe\"><img decoding=\"async\" class=\"alignnone size-medium\" src=\"https:\/\/content.nordlayer.com\/uploads\/Risk_assessment_for_a_firewall_supporting_HIPAA_compliance_48308925d3.png\" width=\"1400\" height=\"1067\" \/><\/div><\/div><div id=\"section-7\"><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">HIPAA risk assessments for firewalls should include several critical elements:<\/p><ul class=\"SharedArticleMarkdownComponents_list__wACy0 SharedArticleMarkdownComponents_horizontalSpacing__3J8kD List_list__ue2mH\"><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Scope and asset identification<\/strong>. Determine where patient data resides and how it moves around your network. Establish the scope for firewall protection, including any necessary network segments.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Threat assessment<\/strong>. What kind of cyber threats should the firewall counter? Think about DDoS, data breaches, insider threats, and physical risks to firewall infrastructure.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Assess vulnerabilities<\/strong>. Check configuration issues like vendor-supplied passwords, default settings, or compatibility problems. Ensure firmware is current. Look at policies and identify gaps that could impact firewall effectiveness.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Prioritize risks<\/strong>. Identify risks based on vulnerabilities. Rank HIPAA risks based on impact and probability and create risk management plans for each vulnerability. Using a risk matrix makes it easy to visualize risks and keep track of progress.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Risk mitigation<\/strong>. Test firewalls to ensure they protect HIPAA-covered data. Run simulations to test filtering, access control, and packet inspection features. Check training knowledge and admin controls. Verify firewalls are physically secure. If relevant, test remote access from employee workstations.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Continuous monitoring<\/strong>. If you have not already done so, implement continuous firewall monitoring.<\/div><\/li><li class=\"ListItem_item__IYMrj SharedArticleMarkdownComponents_listItem__cstSU\"><div><strong class=\"Markdown_strong__zgufl\">Documentation.<\/strong> Create a risk assessment report documenting your findings. This document should explain how your firewall helps you meet HIPAA compliance requirements. It should list any additional mitigation actions and include sign-off from senior company officials.<\/div><\/li><\/ul><h2 id=\"what-happens-if-your-cloud-firewall-does-not-guard-phi\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">What happens if your cloud firewall does not guard PHI?<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Following best practices and carrying out a robust risk assessment may seem time-consuming. However, spending time on HIPAA risk mitigation is always worthwhile. Insecure firewalls eventually cause serious problems for healthcare companies and their customers.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Firewalls&#8217; most important role is preventing PHI data leaks, the number one cyber attack risk for healthcare organizations.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">In 2023, the <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/securityintelligence.com\/articles\/cost-of-a-data-breach-2023-healthcare-industry-impacts\/\" target=\"_blank\" rel=\"noopener\">average data breach<\/a> cost in the USA was $4.45 million, while the average in healthcare was $10.9 million\u2014a massive difference. Firewalls cut data breach risks by blocking direct access to patient records.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">According to HHS, this risk is even greater if companies <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/www.hhs.gov\/sites\/default\/files\/securing-remote-access-software-alert.pdf\" target=\"_blank\" rel=\"noopener\">rely on remote access<\/a>. Telehealth services and medical practitioners use the public internet to send ePHI and access cloud storage. Firewalls and VPNs secure these connections while allowing innovation and flexibility.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Firewalls can also <strong class=\"Markdown_strong__zgufl\">manage risks from insider attacks<\/strong> by locking ePHI inside secure zones. Only users with a legitimate reason have access to these zones, deterring other users with malicious intentions.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Just as importantly, firewalls achieve HIPAA compliance goals. This avoids some very damaging consequences.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Companies with solid access controls and data filtering systems are <strong class=\"Markdown_strong__zgufl\">less likely to receive HIPAA penalties<\/strong>. Compliant organizations spend less on mitigation activities and <strong class=\"Markdown_strong__zgufl\">avoid reputational damage<\/strong> when regulators detect problems.<\/p><h2 id=\"how-nordlayer-can-help-you-achieve-hipaa-compliance\" class=\"Heading_root__vbfeI Heading_heading30__45qwh Heading_primary__3VZgz Heading_medium__jmtkh SharedArticleMarkdownComponents_heading__EjJDp SharedArticleMarkdownComponents_heading2__q1N0l SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"heading\">How NordLayer can help you achieve HIPAA compliance<\/h2><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Access control policies are essential for <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/security-compliance\/hipaa\/\">HIPAA compliance<\/a>, and firewalls are key tools for creating secure data environments that meet HIPAA requirements. Firewalls protect sensitive medical records and ensure that only authorized personnel can access critical resources. However, meeting compliance can challenge smaller and medium-sized enterprises.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">NordLayer is the ideal HIPAA security partner for companies experiencing these challenges. <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/features\/cloud-firewall\/\">Our cloud firewall<\/a> protects today&#8217;s hybrid network infrastructures with fine-grained access controls and traffic inspection. Administrators can also set role-based access controls, ensuring only authorized users access sensitive data.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">That\u2019s not all. NordLayer also offers VPN coverage, Deep Packet Inspection (DPI), Device Posture Security (DPS), and multi-factor authentication (MFA). Quantum-safe encryption of data in transit also meets HIPAA\u2019s cryptography management requirements.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Together, NordLayer\u2019s features address most of <strong class=\"Markdown_strong__zgufl\">HIPAA\u2019s technical and access control requirements<\/strong>. Applying security measures also makes life easier for users by integrating with business systems.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Our cloud firewall scales smoothly, allowing organizations to grow. IT admins can easily change rules to create groups or manage permissions. There&#8217;s no hardware to maintain or update. Everything updates automatically, avoiding security gaps.<\/p><p class=\"Text_text__rSWMU SharedArticleMarkdownComponents_paragraph__rX5nt SharedArticleMarkdownComponents_horizontalSpacing__3J8kD\" data-testid=\"text\">Ready to update your firewall and enhance your HIPAA compliance status? <a class=\"Link_inherit__NP_8V Link_medium__XEV_Z Link_noTextDecoration__GhdxD Link_aTagRoot__8wRP7 SharedArticleMarkdownComponents_link__aj_Vl\" href=\"https:\/\/nordlayer.com\/contact-sales\/\">Contact the NordLayer team<\/a> today.<\/p><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-cf03edf elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"cf03edf\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b576c6d\" data-id=\"b576c6d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-bfd91ca elementor-widget elementor-widget-shortcode\" data-id=\"bfd91ca\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"63561\" class=\"elementor elementor-63561\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1b6aa2c4 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"1b6aa2c4\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1b283ee5\" data-id=\"1b283ee5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4e466f1a elementor-widget elementor-widget-text-editor\" data-id=\"4e466f1a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordLayer<br \/><\/strong>NordLayer is an adaptive network access security solution for modern businesses \u2013 from the world\u2019s most trusted cybersecurity brand, Nord Security.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-9e34e91 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"9e34e91\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-bb2c932\" data-id=\"bb2c932\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c6a493c elementor-widget elementor-widget-text-editor\" data-id=\"c6a493c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About NordLayer<br \/><\/strong>NordLayer is an adaptive network access security solution for modern businesses \u2013 from the world\u2019s most trusted cybersecurity brand, Nord Security.<\/p><p>The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Summary: Firewalls support HIPAA compliance by securing [&hellip;]<\/p>","protected":false},"author":149011790,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1273,973,1130,61],"tags":[1272,974,1132],"class_list":["post-92397","post","type-post","status-publish","format-standard","hentry","category-1273","category-nord-security","category-nordlayer","category-press-release","tag-1272","tag-nord-security","tag-nordlayer"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How firewalls support HIPAA compliance: best practices for healthcare providers - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How firewalls support HIPAA compliance: best practices for healthcare providers - Version 2\" \/>\n<meta property=\"og:description\" content=\"Summary: Firewalls support HIPAA compliance by securing [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2024-10-26T04:22:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/content.nordlayer.com\/uploads\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/10\\\/how-firewalls-support-hipaa-compliance-best-practices-for-healthcare-providers\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"How firewalls support HIPAA compliance: best practices for healthcare providers\",\"datePublished\":\"2024-10-26T04:22:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/10\\\/how-firewalls-support-hipaa-compliance-best-practices-for-healthcare-providers\\\/\"},\"wordCount\":1899,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/content.nordlayer.com\\\/uploads\\\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png\",\"keywords\":[\"2024\",\"Nord Security\",\"NordLayer\"],\"articleSection\":[\"2024\",\"Nord Security\",\"NordLayer\",\"Press Release\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2024\\\/10\\\/how-firewalls-support-hipaa-compliance-best-practices-for-healthcare-providers\\\/\",\"url\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/\",\"name\":\"How firewalls support HIPAA compliance: best practices for healthcare providers - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/content.nordlayer.com\\\/uploads\\\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png\",\"datePublished\":\"2024-10-26T04:22:36+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/#primaryimage\",\"url\":\"https:\\\/\\\/content.nordlayer.com\\\/uploads\\\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png\",\"contentUrl\":\"https:\\\/\\\/content.nordlayer.com\\\/uploads\\\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nordlayer.com\\\/blog\\\/firewall-hipaa-compliance\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How firewalls support HIPAA compliance: best practices for healthcare providers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/en\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How firewalls support HIPAA compliance: best practices for healthcare providers - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/","og_locale":"en_US","og_type":"article","og_title":"How firewalls support HIPAA compliance: best practices for healthcare providers - Version 2","og_description":"Summary: Firewalls support HIPAA compliance by securing [&hellip;]","og_url":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/","og_site_name":"Version 2","article_published_time":"2024-10-26T04:22:36+00:00","og_image":[{"url":"https:\/\/content.nordlayer.com\/uploads\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"Written by":"tracylamv2","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2024\/10\/how-firewalls-support-hipaa-compliance-best-practices-for-healthcare-providers\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"How firewalls support HIPAA compliance: best practices for healthcare providers","datePublished":"2024-10-26T04:22:36+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2024\/10\/how-firewalls-support-hipaa-compliance-best-practices-for-healthcare-providers\/"},"wordCount":1899,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/content.nordlayer.com\/uploads\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png","keywords":["2024","Nord Security","NordLayer"],"articleSection":["2024","Nord Security","NordLayer","Press Release"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2024\/10\/how-firewalls-support-hipaa-compliance-best-practices-for-healthcare-providers\/","url":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/","name":"How firewalls support HIPAA compliance: best practices for healthcare providers - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/#primaryimage"},"image":{"@id":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/#primaryimage"},"thumbnailUrl":"https:\/\/content.nordlayer.com\/uploads\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png","datePublished":"2024-10-26T04:22:36+00:00","breadcrumb":{"@id":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/#primaryimage","url":"https:\/\/content.nordlayer.com\/uploads\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png","contentUrl":"https:\/\/content.nordlayer.com\/uploads\/large_How_cloud_firewalls_support_HIPAA_compliance_blog_cover_4c9ae12d61.png"},{"@type":"BreadcrumbList","@id":"https:\/\/nordlayer.com\/blog\/firewall-hipaa-compliance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"How firewalls support HIPAA compliance: best practices for healthcare providers"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/en\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-o2h","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/92397","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/comments?post=92397"}],"version-history":[{"count":4,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/92397\/revisions"}],"predecessor-version":[{"id":92401,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/posts\/92397\/revisions\/92401"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/media?parent=92397"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/categories?post=92397"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/en\/wp-json\/wp\/v2\/tags?post=92397"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}