HIPAA-Compliant Wi-Fi: What You Need To Know

Did you know your medical records, the Protected Health Information (PHI) that HIPAA governs, are reportedly worth up to 50 times more than your credit card information on the black market? They are also the target of a rapidly rising number of attacks.

A recent report from Keeper Security highlighted staggering statistics: 90% of healthcare organizations have suffered a data breach, affecting nearly one-third of the U.S. population.

As cyber attacks on healthcare organizations increase rapidly, IT administrators are reviewing their cyber security policies from the ground up. Wireless access is one area that deserves close attention given the proliferation of BYOD (Bring Your Own Device), staff equipped with tablets to access Electronic Health Records (EHR), and the increasing adoption of wirelessly connected medical devices.

HIPAA has historically provided the guiding principles for securing access to patient information, but the Security Rule is technology-neutral: you won't find specific implementation requirements for a wireless LAN (WLAN) within HIPAA.

The following requirements map onto the Security Rule's administrative, physical and technical safeguards; meeting them puts your Wi-Fi network on a sound footing for HIPAA compliance:

Administrative requirements

  1. Collect and retain logs of WLAN administrators' logon and logoff events, including failed attempts
  2. Use a WLAN solution with central management (controller/cloud) so that administrator accounts and passwords are maintained in one system
  3. Use a WLAN solution with detection of wireless security threats such as rogue access points
  4. Back up your WLAN configuration from the controller/cloud management system and store it safely offsite in case of an emergency; the backup contains pre-shared keys and RADIUS shared secrets, so encrypt it
  5. Use a WLAN solution that allows healthcare staff to remain connected to patient information if the internet or central controller is unavailable to the access points

Physical requirements 

  1. Use access points that can be locked in place (for example, with Kensington lock slots) and mounted so that their console and Ethernet ports are out of reach, so an AP cannot be stolen or tampered with
  2. Keep any on-site WLAN controller equipment in access-restricted areas, such as a locked rack or wiring closet

Technical requirements 

  1. If you offer public-facing Wi-Fi, keep that traffic off your internal EHR-facing network: use a separate SSID mapped to its own VLAN, and enforce the separation with firewall rules, since a VLAN tag alone does not stop a guest client from reaching internal addresses if routing permits it
  2. At a minimum, use WPA2 with AES (CCMP) encryption; WPA2-PSK is acceptable only as a floor, because the one shared passphrase is known to every device and must be rotated whenever a device or staff member leaves. Wherever possible, implement WPA2 Enterprise (802.1X) with client-side certificates (EAP-TLS), so each device authenticates individually and access can be revoked per device
  3. Use a WLAN solution that provides visibility into wireless client activity, such as bandwidth consumed and source/destination information, and that can selectively block any traffic
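The first two technical requirements can be checked mechanically against an SSID inventory exported from the controller. The script below is an added example, not code from WatchGuard or Imagineering: it audits a constructed, vendor-neutral export (the field names `ssid`, `role`, `vlan`, `security`, `cipher` and `eap` are assumptions for this example; map them to whatever your platform emits) for guest/EHR VLAN separation, a WPA2-or-better floor with AES ciphers, and 802.1X with client certificates on EHR-facing SSIDs. WPA3 modes are accepted as stronger than the WPA2 floor. The third requirement (per-client visibility and blocking) is a platform capability rather than a per-SSID setting, so it is not part of the check.

```python
import json

# Constructed sample export (not from any real controller); the field names
# are assumptions for this example - map them to what your platform emits.
SAMPLE_EXPORT = json.dumps([
    {"ssid": "Clinic-Guest",   "role": "guest", "vlan": 10,
     "security": "open",            "cipher": None,   "eap": None},
    {"ssid": "Clinic-Staff",   "role": "ehr",   "vlan": 10,
     "security": "wpa2-psk",        "cipher": "tkip", "eap": None},
    {"ssid": "Clinic-EHR",     "role": "ehr",   "vlan": 20,
     "security": "wpa2-enterprise", "cipher": "ccmp", "eap": "peap-mschapv2"},
    {"ssid": "Clinic-Devices", "role": "ehr",   "vlan": 30,
     "security": "wpa2-enterprise", "cipher": "ccmp", "eap": "eap-tls"},
])

# WPA2 is the floor the article sets; WPA3 modes are accepted as stronger.
WPA2_OR_BETTER = {"wpa2-psk", "wpa2-enterprise", "wpa3-sae", "wpa3-enterprise"}
PSK_MODES = {"wpa2-psk", "wpa3-sae"}    # one shared secret for every device
AES_CIPHERS = {"ccmp", "gcmp"}          # TKIP is RC4-based and must not be used
CERT_EAP = {"eap-tls"}                  # client-certificate EAP method


def audit(export_json):
    """Return a list of (ssid, finding) tuples for the first two technical
    controls; an empty list means every SSID passes."""
    ssids = json.loads(export_json)
    findings = []
    ehr_vlans = {s["vlan"] for s in ssids if s["role"] == "ehr"}

    for s in ssids:
        name = s["ssid"]
        if s["role"] == "guest":
            # Control 1: guest traffic must not share a VLAN with EHR-facing SSIDs.
            if s["vlan"] in ehr_vlans:
                findings.append((name, "guest SSID shares VLAN %d with an EHR-facing SSID" % s["vlan"]))
            continue  # the remaining controls apply to internal SSIDs only

        # Control 2a: WPA2 is the minimum; open, WEP and WPA(1) fail outright.
        if s["security"] not in WPA2_OR_BETTER:
            findings.append((name, "security mode %r is below WPA2" % s["security"]))
            continue
        if s["cipher"] not in AES_CIPHERS:
            findings.append((name, "cipher %r is not AES-CCMP/GCMP" % s["cipher"]))

        # Control 2b: prefer 802.1X with client certificates over a shared key.
        if s["security"] in PSK_MODES:
            findings.append((name, "pre-shared key on an EHR-facing SSID; move to 802.1X"))
        elif s["eap"] not in CERT_EAP:
            findings.append((name, "802.1X without client certificates (EAP method %r)" % s["eap"]))
    return findings


def is_compliant(export_json):
    """True when audit() raises no findings."""
    return not audit(export_json)


if __name__ == "__main__":
    for ssid, finding in audit(SAMPLE_EXPORT):
        print("%-15s %s" % (ssid, finding))
```

Run against the sample, the script flags the guest SSID for sharing VLAN 10 with the staff SSID, the staff SSID for TKIP and for using a pre-shared key, and the EHR SSID for PEAP-MSCHAPv2 (password-based 802.1X without client certificates); only the device SSID with EAP-TLS passes clean.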


Above is part of an article published by Watchguard.


Call Imagineering today to discuss a secure and flexible wireless solution for you!
