P


Packet:
The unit of data sent across a network.
Partitions:
Major divisions of the total physical hard disk space.
Password:
Confidential authentication information composed of a string of characters. [45 C.F.R. § 164.304]
Password Sniffing:
Passive wiretapping, usually on a local area network, to gain knowledge of passwords.
Penetration:
Gaining unauthorized logical access to sensitive data by circumventing a system's protections.
Personal Health Information:
Health information that is specifically related to a person. For instance, the fact that a specific person has a disease is personal health information; general information on the disease is not, but the fact that a specific person was given that information may be.
PHI:
See protected health information.
Physical Safeguards:
Physical measures, policies, and procedures to protect a covered entity's electronic information systems and related buildings and equipment, from natural and environmental hazards, and unauthorized intrusion. [45 C.F.R. § 164.304].
Ping of Death:
An attack that sends an improperly large ICMP echo request packet (a 'ping') with the intent of overflowing the input buffers of the destination machine and causing it to crash.
Ping Sweep:
An attack that sends ICMP echo requests ('pings') to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities.
Plaintext:
Ordinary readable text before being encrypted into ciphertext or after being decrypted.
Plan Sponsor:
Defined at section 3(16)(B) of ERISA, 29 U.S.C. 1002(16)(B). [45 C.F.R. § 164.103]
Point-to-Point Protocol (PPP):
A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. It packages your computer's TCP/IP packets and forwards them to the server where they can actually be put on the Internet.
Point-to-Point Tunneling Protocol (PPTP):
A protocol (set of communication rules) that allows corporations to extend their own corporate network through private 'tunnels' over the public Internet.
Port Scan:
An attack that sends client requests to a range of server port addresses on a host, with the goal of finding an active port and exploiting a known vulnerability of that service.
Post Office Protocol, version 3 (POP3):
An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.
Pretty Good Privacy (PGP)™:
Refers to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.
Privacy Officer:
A specific, named person who is responsible for ensuring compliance with the privacy sections of HIPAA.
Promiscuous Mode:
When a machine reads all packets off the network, regardless of who they are addressed to. This is used by network administrators to diagnose network problems, but also by unsavory characters who are trying to eavesdrop on network traffic (which might contain passwords or other information).
Protected Health Information:
Individually identifiable health information:
  1. Except as provided in paragraph (2) of this definition, that is:

    1. Transmitted by electronic media;

    2. Maintained in electronic media; or

    3. Transmitted or maintained in any other form or medium.

  2. Protected health information excludes individually identifiable health information in:

    1. Education records covered by the Family Educational Rights and Privacy Act, as amended, 20 U.S.C. 1232g;

    2. Records described at 20 U.S.C. 1232g(a)(4)(B)(iv); and

    3. Employment records held by a covered entity in its role as employer.

[45 C.F.R. § 160.103]
Protocol:
A formal specification for communicating; the special set of rules that end points in a telecommunication connection use when they communicate. Protocols exist at several levels in a telecommunication connection.
Protocol stacks (OSI):
A set of network protocol layers that work together.
Proxy Server:
A server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service. A proxy server is associated with or part of a gateway server that separates the enterprise network from the outside network and a firewall server that protects the enterprise network from outside intrusion.
Public Key:
The publicly disclosed component of a pair of cryptographic keys used for asymmetric cryptography.
Public Key Encryption:
The popular synonym for 'asymmetric cryptography'.
Public Key Infrastructure (PKI):
A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.



HIPAA Security Implementation, Version 1.0
ISBN: 974372722
EAN: N/A
Year: 2003
Pages: 181
