Top 5 Basic Network Security Features For HIPAA Compliance

1. Confidentiality/privacy.
Given that Network Security provides for encryption of a message or transaction, parties in between the sender and recipient cannot easily decrypt the message encrypt using Network Security tools.

2. Authentication.
Because the private key is considered a valid proof of a person’s identity (because the private key is known only to the authenticated owner), messages signed by the key holder validate, digitally, the signer’s unique identity.

3. Integrity.
To maintain message integrity—that is, ensuring that a message was not altered after it was created—hash algorithms are used within a Network Security system to verify the integrity of each message.

4. Nonrepudiation.
As we noted in the comments for authentication, the holder of a private key is deemed to be the only owner of that key (unless it is reported lost or stolen, in which case the certificate associated with that private key would be revoked and invalidated), any signatures with that key are deemed to belong to the signer.

5. Access control.
Although Network Security does not directly provide for access control mechanisms, it does provide for a good foundation. Certificates, treated as digital credentials, can be tied to biometrics to control access, or certificates may be used as proof of identity. The certificate can provide the basic information to help an access control system make an informed decision about access to some resources.