Atlantic.Net Blog

HIPAA Security Software: HIPAA Compliant Encryption Software, Antivirus, Network Segregation and More

Sam Guiliano
by Atlantic.Net (81 posts) under HIPAA Compliant Hosting

Rather than just listing HIPAA-compliant software, this report gives advice on all the fundamentals, along with a few misconceptions about the kind of robust security environment that is necessary to maintain HIPAA compliant hosting.

  • Proper Network Segregation
  • Tackling Encryption
  • But That’s Not All…

HIPAA Compliant Antivirus & Proper Network Segregation

Security via obfuscation is not a legitimate way for a healthcare company to do business. This tactic is primarily used by small practices that have historically been using their own servers.

What is it? “On the commercial end of computer security, [security via obfuscation] comes in the form of (naively) believing that restricting internet access on portions of your computer network will keep you safer from malware and attackers,” explained Illinois IT consultant Derrick Wlodarz. “You can read up on how far debunked this practice has become, as even an amateur hacker can get around such lowly safeguards in a matter of minutes.”

Segregate your network, and protect it with antivirus/anti-malware HIPAA-compliance software. Use a top antivirus/anti-malware application. Remember that the most important HIPAA-compliant software achieves security by identifying threats and encrypting your data. Free options for the former, such as those from Avast or AVG, are budget-friendly but are not intended for commercial environments. The antivirus must be effective and lightweight, and those are both reasons why Trend Micro Deep Security is used for all Atlantic.Net hosting packages.

HIPAA Compliant Encryption Software

Along with segregating the PHI area of your network and protecting it with antivirus HIPAA-compliant software, you also need all information to be encrypted. Tactics to achieve that include:

  • Leveraging Windows BitLocker – Here is one reason you might want Windows over Linux: BitLocker. BitLocker is a great piece of HIPAA-compliance software that was only available through the Enterprise or Ultimate versions of Windows 7 but started coming completely free with Windows 8 Pro.
  • Verifying encryption of all backups – All storage systems used for protected health information must be secured against cybercrime, and that includes all hard drives and flash drives used for backup. “Part of the reason I so heavily recommend cloud storage providers [such as Atlantic.Net] for backup today is because [using a provider that is outfitted with HIPAA-compliance software] saves some hassle on encrypting system backups locally,” commented Wlodarz. “But regardless of path chosen, ensure the endpoint of data storage has proper encryption safeguards in use.” Anything that is easily detachable and portable represents a significant danger for theft.
  • Using Windows Remote Desktop Services (RDS) to minimize the chance of a leak – Starting with Windows NT 4, Windows Server has included the tool Remote Desktop Services (originally known as Terminal Services). Within RDS, Session Based Desktops are basically the up-to-date version of Terminal Services, and they are the simplest to implement. Any authorized members of your staff will be able to manage patient health records from a user interface, but none of that data will leak to their PC. That means your maintenance is more affordable, your information is less exposed, and it’s less likely that protected health information will leak.
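
One way to run the encryption check described in the list above, as an added example that is not Atlantic.Net's own tooling: a PowerShell filter over `Get-BitLockerVolume` output that reports any volume Windows can see, attached backup drives included, that is not fully encrypted or has protection suspended. The function name `Get-UnprotectedVolume` and the sample volumes are constructed for illustration.

```powershell
# Added example: flag volumes whose BitLocker state leaves data exposed.
# Accepts the objects Get-BitLockerVolume emits, or any object that carries
# the same four properties (MountPoint, VolumeType, VolumeStatus, ProtectionStatus).
function Get-UnprotectedVolume {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Volume
    )
    process {
        # Cast to string so real enum values and sample strings compare alike.
        $status     = "$($Volume.VolumeStatus)"
        $protection = "$($Volume.ProtectionStatus)"

        $finding = if ($status -ne 'FullyEncrypted') {
            "not fully encrypted ($status)"
        } elseif ($protection -ne 'On') {
            # Encrypted but suspended: the key is usable without any protector.
            'encrypted, but protection is suspended'
        } else { $null }

        if ($finding) {
            [pscustomobject]@{
                MountPoint = $Volume.MountPoint
                VolumeType = "$($Volume.VolumeType)"
                Finding    = $finding
            }
        }
    }
}

# Constructed sample data standing in for Get-BitLockerVolume output.
$sample = @(
    [pscustomobject]@{ MountPoint='C:'; VolumeType='OperatingSystem'; VolumeStatus='FullyEncrypted';       ProtectionStatus='On'  }
    [pscustomobject]@{ MountPoint='D:'; VolumeType='Data';            VolumeStatus='FullyEncrypted';       ProtectionStatus='Off' }
    [pscustomobject]@{ MountPoint='E:'; VolumeType='Data';            VolumeStatus='FullyDecrypted';       ProtectionStatus='Off' }
    [pscustomobject]@{ MountPoint='F:'; VolumeType='Data';            VolumeStatus='EncryptionInProgress'; ProtectionStatus='Off' }
)

# Reports D:, E: and F:; C: passes both checks and is omitted.
$sample | Get-UnprotectedVolume | Format-Table -AutoSize

# On a real host (elevated session, BitLocker module present):
#   Get-BitLockerVolume | Get-UnprotectedVolume
```

An empty result means every volume passed; backups held by a cloud provider are outside what this check can see and need the provider's own attestation.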

For more on encryption, read our article Encryption for HIPAA Compliance: A Quick Primer.

But That’s Not All…

There are two additional elements beyond these questions about piecing together the technology:

  1. Security best practices – You should never have written passwords near any computer. You must have strong passwords on all systems, with no exceptions. Get cable locks for your computers. Use two-factor authentication.
  2. HIPAA-compliant web host – Really the question with HIPAA is whether it makes sense to design your own system or to go with a healthcare hosting expert so that all of your core environment, sectioned off as its own private infrastructure, is established within an SSAE-16-audited, HIPAA-audited system and continually monitored by experienced technicians. That also takes care of another major security best practice: patching and upgrading. HIPAA-compliance software should always be completely up-to-date if you want to operate effectively.

The first element may require a culture shift at your organization.

The second element is as simple as getting a quote from us today. We haven’t just jumped into the growing HIPAA Compliance Hosting market to build revenue. We are a part of the health IT community – exhibiting, for example, at the Health Information and Management Systems Society’s annual conference.

We’d be happy to discuss any additional HIPAA Compliant software and other hosting options, like our award-winning cloud hosting solution, so that you can use it on your system to craft a solution that works best for your healthcare company.
