A healthcare network that is well maintained and has robust security measures is less likely to be the subject of a complaint filed with the Office for Civil Rights of the Department of Health and Human Services (HHS), which could result in a fine being imposed. The HIPAA network security requirements are discussed below.
What is HIPAA Network Security?
Your computer network must be secure in accordance with the HIPAA Security Rule, which includes a number of requirements and safeguards for HIPAA network security.
This article on HIPAA compliance network security covers one of these safeguards: wireless LAN security.
HIPAA Network Security and Wireless LANs
Keeping your company’s wireless LAN secure is one of the HIPAA network security criteria. A wireless computer network is referred to as a wireless LAN (local-area network).
This network creates a LAN inside a specific area by connecting two or more devices wirelessly. The area is limited, such as a house, an office complex, or a college campus. With a wireless LAN, people can move throughout the area while staying connected to the network.
Electronic protected health information (ePHI) can move between networks through a device known as a gateway. The wireless LAN offers access to the larger Internet via the gateway.
The HIPAA Security Rule does not specifically address wireless LAN requirements in any one clause. Instead, the HIPAA Security Rule’s three mandatory types of safeguards—administrative safeguards, physical safeguards, and technical safeguards—include these HIPAA network security criteria.
The administrative protections include, among other things, requirements for workforce training, password security standards, access controls, adequate backup, and the need to implement data security policies and procedures.
Maintaining the physical security of hardware and devices constitutes physical protection. Specific security procedures, including protecting and encrypting WLAN communications, make up technical protections.
Administrative protection WLAN security measures must consist of:
- Gathering logs of the logon and logoff activities of the WLAN admins.
- Imposing strict password rules.
- Changing passwords when employees depart a company.
- Keeping the passwords for the administrator accounts in a safe system.
- Utilising a WLAN that recognises wireless security risks.
- Creating a backup of the WLAN settings and securing it (e.g., at an offsite location or the cloud).
- Setting up the WLAN so that workers who need to access ePHI can continue to do so.
Physical protection WLAN security measures must consist of:
1. Using access points with features like a locking mechanism or encryption modules that provide protection against physical tampering. A wireless access point is hardware that enables Wi-Fi devices to join a wired network. Usually, an access point connects to a router through a wired network.
2. Keeping WLAN controller equipment (hardware that controls network access points so wireless devices can connect to the network) in places with limited access (i.e., in areas that can only be accessed by specifically authorized personnel, for whom access is required in the performance of job duties).