REFERENCES:

¹ Sato, Miles M. 'HIPAA Security Policy Development: A Collaborative Approach' April 30, 2001 http://www.sans.org/rr/policy/HIPAA_policy.php

² 'A National Strategy to Secure Cyberspace' http://www.whitehouse.gov/pcipb/cyberstrategy-draft.html

³ 'Certification Requirements'-HIPAA SECURITY MATRIX http://aspe.hhs.gov/admnsimp/nprm/sec 16.htm

⁴ 'Generally Accepted Principles and Practices for Secure Information Technology Systems'-NIST http://csrc.nist.gov/ publications /nistpubs/80014/80014.pdf

⁵ 'Guidelines for Academic Medical Centers on Security and Privacy- Practical Strategies for Addressing the Health Insurance Portability and Accountability Act ' Association of American Medical Colleges http://www.aamc.org/ members /gir/gasp/.

⁶ Cartwright, Bob. 'Firewall basics-Some points to consider.' Healthcare Information Security-Newsletter . Vol. 2 No. 5 May 2002:10-11

⁷ Nussbaum, Gerald. 'Ten tips for tweaking your VPN.' Healthcare Information Security-Newsletter . Vol. 2 No. 2 February 2002:1, 7-8

⁸ Mitchell, Robert N. 'How Secure Are Your Systems?' Advance for Health Information Executives . Vol.7 No.1. January 2003:30

⁹ 'SANS/FBI Top 10 Windows Vulnerabilities' http://www.sans.org

¹⁰ Free SANS/FBI Top 20 vulnerabilities scan http://www.qualys.com

¹¹ Moreh, Jahen. 'Comparing the best approaches for securing e-mail systems.' Healthcare Information Security-Newsletter . Vol. 2 No.3. March 2002:1, 5-7

¹² Lowe, Scott. 'Six basic tips for implementing closed networking on a wireless network' Tech Republic. December 9, 2002 http://www.techrepublic.com/article.jhtml?id=r006200212091ow02.htm

¹³ Schwartz, Eddie. 'Securing wireless networks-don't let uncertainty impede progress.' Healthcare Information Security-Newsletter . Vol. 2 No.7. July 2002:1, 4-5

¹⁴ 'Phone Sweep' Sandstorm, http://www.sandstorm.net/