Like a security guard, firewalls control what goes in, and what comes out.
|By: Tod Ferran|
It’s true this HIPAA regulation never mentions the word ‘firewall.’ But, to truly be HIPAA compliant, anytime your entity has a connection to the Internet, you must have a physical firewall device in addition to any software firewalls enabled on your systems.
The most common concern I find with small covered entities and business associates is that they don’t know anything about firewalls. Worse, they think the little box their ISP (Internet Service Provider) gave them to connect to the Internet is a firewall, so they feel a false sense of security.