Web Security

Closed Posted 4 years ago Paid on delivery

Standards:

Become HIPAA compliant:

The rules also apply to XM local system and XM cloud system and providers who conduct electronic health-related transactions. The Privacy Rule requires that SB company put safeguards in place to protect patients' privacy on company equipment. The safeguards must shield their PHI:

I. FIPS 140-2 Level 3 compliant:

All confidential data (ePHI) in cloud environments must always be encrypted with RSA-HSM (or EC-HSM) protected column master encryption keys;

SB will rotate encryption keys on an annual basis, and will coordinate the schedule with DOH;

All ePHI data transfer (between facilities and datacenters) must be over SSH with an SSL certificate stored in the key vault of the SB company;

Each XM device must have its SSL certificate based on device serial number, and the expiration of the SSL certificate should be equal to the expiry of the subscription.

The SB company will rotate SSL certificate on an annual basis, and will coordinate the schedule with client’s subscription.

Only team members of the SB Encryption Services (SES) can have access to perform key management operations, such as create, rotate, retire, revoke, etc.

For high-level security facilities such as the US DOH (USA Department of Health), our system must provide the following abilities:

Requirements:

DOH Encryption Services (DES) team will have sole administrative access to the SB party Key Vault to perform key management tasks;

DES team needs audit logging of the Key Vault to ensure access is not granted to any users other than the DES team, and access is not removed from DES members.

DOH will receive notifications to dl-keysecure@[login to view URL] if any permissions do change.

DOH keys must be generated and exported from the DOH KeySecure.

DOH keys must be loaded into the SB party’s Azure Key Vault to share read-access of the key.

Steps for Key Creation:

DOH DES will create an RSA-HSM (or EC-HSM) key within the DOH KeySecure appliance, residing on premise;

The DES team will wrap the created key with a public key from SB and import the key into the SB party key vault.

The SB party will use the imported key to encrypt and decrypt ePHI data that resides in the SB cloud.

Compliance with FDA regulations:

I. FDA 510(k) clearance compliance with current Medical Imaging & Technology Alliance (MITA) radiation dose management standards.

II. Reports for Radiation Emitting Electronic Products

Based on business requirements, HIPAA and FDA regulations, we need to create an architectural design of the PROD system in an MS Visio file.
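
An added example, not part of the original posting: one way to implement the Key Vault audit requirement above (no administrative access for anyone outside DES, no access removed from DES members, a notification on any permission change) by comparing two snapshots of vault access. The snapshot format, the principal names and the split of permissions into "management" and "use" are assumptions of this example.

```python
from typing import Dict, List, Set, Tuple

# Assumption: which key permissions count as "key management". The names are
# Azure Key Vault key permissions; the split is this example's choice.
MANAGEMENT = {"create", "import", "update", "delete", "purge",
              "recover", "backup", "restore", "rotate"}

Snapshot = Dict[str, Set[str]]  # principal -> permissions (simplified format)
Finding = Tuple[str, str, str]  # (severity, principal, message)

def audit_vault_access(before: Snapshot, after: Snapshot,
                       des_team: Set[str]) -> List[Finding]:
    """Report every permission change; ALERT on the two conditions DES must catch."""
    findings: List[Finding] = []
    for who in sorted(set(before) | set(after)):
        old, new = before.get(who, set()), after.get(who, set())
        gained, lost = new - old, old - new
        if who in des_team:
            if lost:  # access removed from a DES member
                findings.append(("ALERT", who, "DES member lost: " + ", ".join(sorted(lost))))
            if gained:
                findings.append(("NOTICE", who, "DES member gained: " + ", ".join(sorted(gained))))
            continue
        mgmt = new & MANAGEMENT  # standing or new: both break "sole administrative access"
        if mgmt:
            findings.append(("ALERT", who, "non-DES management rights: " + ", ".join(sorted(mgmt))))
        other = sorted((gained - MANAGEMENT) | lost)
        if other:  # any other change still triggers a notification
            findings.append(("NOTICE", who, "permissions changed: " + ", ".join(other)))
    return findings

# Constructed sample snapshots (not real vault data).
DES_TEAM = {"des-alice", "des-bob"}
USE_ONLY = {"get", "wrapKey", "unwrapKey"}
ADMIN = {"get", "list", "create", "import", "rotate"}
SAMPLE_BEFORE = {"des-alice": ADMIN, "des-bob": ADMIN, "sb-app": USE_ONLY}
SAMPLE_AFTER = {"des-alice": ADMIN, "sb-app": USE_ONLY | {"delete"}, "sb-ops": {"get", "list"}}

if __name__ == "__main__":
    for severity, who, message in audit_vault_access(SAMPLE_BEFORE, SAMPLE_AFTER, DES_TEAM):
        print(f"{severity:6} {who:10} {message}")
```

Any non-empty result would be sent to the notification address; a non-DES principal holding management rights is reported on every run, not only when the grant is new.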

.NET Azure Programming C# Cryptography Network Security

Project ID: #19695586

About the project

6 proposals Remote project Active 4 years ago

6 freelancers are bidding an average of $393 on this job

srmukul2

Hi there! May Peace Be Upon You !! I am a Certified Ethical Hacker and Pen Tester. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. @Certified at Windows Sec

$555 USD in 10 days
(16 Reviews)
5.5
dtss

Passionate IT Professional with 12+ years of experience and a good track record of Microsoft technology stack includes web apps technology, Sql, Azure, DevOps, .Net, Aws, Docker, Ansible and containerization Technology

$250 USD in 19 days
(1 Review)
1.2
kelvyn02

Hello, I am a CISSP, CISM and Principal security architect based in Houston TX with over 10 years experience in Information security, HIPAA and other regulatory compliance standards. Let's discuss your project. R

$250 USD in 1 day
(0 Reviews)
0.0
secniranjan

This can be achieved in the suggested period of time. Post completion you will be shared with the report of the findings.

$250 USD in 15 days
(0 Reviews)
0.0