Meeting HIPAA Requirements with Deception Technology
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) laid out a broad range of rules for Healthcare providers in the United States that fundamentally changed how these organizations were required to handle patient information. The HIPAA requirements set standards for protecting patient records without laying out specific technological or process solutions. One of the goals of these requirements was to allow enough flexibility for organizations to meet the privacy and security mandates using the tools that best fit their environment. In this paper we will look at how deception technology can help an organization meet these requirements effectively, and efficiently, specifically in the context of Information Security.