Web Security


Become HIPAA compliant:

The rules also apply to the XM local system, the XM cloud system, and providers who conduct electronic health-related transactions. The Privacy Rule requires that the SB company put safeguards in place to protect patients' privacy on company equipment. The safeguards must shield their PHI:

I. FIPS 140-2 Level 3 compliant:

All confidential data (ePHI) in cloud environments must always be encrypted with RSA-HSM (or EC-HSM) protected column master encryption keys;

SB will rotate encryption keys on an annual basis, and will coordinate the schedule with DOH;

All ePHI data transfer (between facilities and datacenters) must be over SSH with the SSL certificate stored in the key vault of the SB company;

Each XM device must have its own SSL certificate based on the device serial number, and the expiration of the SSL certificate should be equal to the expiry of the subscription.

The SB company will rotate SSL certificates on an annual basis, and will coordinate the schedule with the client’s subscription.

Only team members of the SB Encryption Services (SES) can have access to perform key management operations, such as create, rotate, retire, revoke, etc.

For high-level security facilities such as the US DOH (USA Department of Health), our system must provide the following abilities:


DOH Encryption Services (DES) team will have sole administrative access to the SB party Key Vault to perform key management tasks;

DES team needs audit logging of the Key Vault to ensure access is not granted to any users other than the DES team, and access is not removed from DES members.

DOH will receive notifications at dl-keysecure@[login to view URL] if any permissions change.

DOH keys must be generated and exported from the DOH KeySecure.

DOH keys must be loaded into the SB party’s Azure Key Vault to share read-access of the key.
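The audit-logging requirement above (no access granted outside the DES team, none removed from DES members, a notification on every permission change) can be checked mechanically over the vault's permission-change events. The following is an added example, not part of the original posting: the event schema, addresses and team roster are constructed assumptions and do not reproduce the Azure Key Vault log format.

```python
"""Review Key Vault permission changes against the DES-only access rule."""

# Hypothetical DES roster (assumption; a real one would come from the directory).
DES_TEAM = {"des.alice@doh.example", "des.bob@doh.example"}

# Constructed sample events in a simplified, assumed schema.
SAMPLE_EVENTS = [
    {"time": "2019-06-01T09:00:00Z", "actor": "des.alice@doh.example",
     "action": "grant", "principal": "des.bob@doh.example"},
    {"time": "2019-06-02T14:30:00Z", "actor": "des.alice@doh.example",
     "action": "grant", "principal": "dev.carol@sb.example"},
    {"time": "2019-06-03T08:15:00Z", "actor": "ops.dave@sb.example",
     "action": "revoke", "principal": "des.bob@doh.example"},
]


def review_changes(events, des_team, initial_access):
    """Return (findings, final_access); every change yields a finding."""
    access = set(initial_access)
    findings = []
    for ev in sorted(events, key=lambda e: e["time"]):
        reasons = []
        if ev["actor"] not in des_team:
            reasons.append("change made by non-DES actor")
        if ev["action"] == "grant":
            access.add(ev["principal"])
            if ev["principal"] not in des_team:
                reasons.append("access granted to non-DES principal")
        elif ev["action"] == "revoke":
            access.discard(ev["principal"])
            if ev["principal"] in des_team:
                reasons.append("access removed from DES member")
        else:
            reasons.append("unknown action " + repr(ev["action"]))
        # A permitted change is still reported, as a 'notice'.
        findings.append({"time": ev["time"], "principal": ev["principal"],
                         "severity": "violation" if reasons else "notice",
                         "reasons": reasons})
    return findings, access


def access_drift(final_access, des_team):
    """Return (principals that must not have access, DES members lacking it)."""
    return sorted(final_access - des_team), sorted(des_team - final_access)


if __name__ == "__main__":
    findings, final = review_changes(SAMPLE_EVENTS, DES_TEAM, {"des.alice@doh.example"})
    for f in findings:
        print(f["time"], f["severity"], "; ".join(f["reasons"]) or "permitted change")
    print("drift:", access_drift(final, DES_TEAM))
```

The drift check compares the end state to the roster, so it also catches a bad grant that was reported earlier and never reverted.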

Steps for Key Creation:

DOH DES will create an RSA-HSM (or EC-HSM) key within the DOH KeySecure appliance, residing on premises;

The DES team will wrap the created key with a public key from SB and import the key into the SB party key vault.

The SB party will use the imported key to encrypt and decrypt ePHI data that resides in the SB cloud.

Compliance with FDA regulations:

I. FDA 510(k) clearance compliance with current Medical Imaging & Technology Alliance (MITA) radiation dose management standards.

II. Reports for Radiation Emitting Electronic Products

Based on the business requirements and the HIPAA and FDA regulations, we need to create an architectural design of the PROD system as an MS Visio file.

Skills: .NET, Azure, C# Programming, Cryptography, Web Security


About the Employer:
( 1 review ) Indore, India

Project ID: #19695586

8 freelancers are bidding on average $427 for this job


Hi There, Extremely interested & immediately available for this opportunity. Outline: • Microsoft GOLD Partner organization. • MICROSOFT CERTIFIED Developers Team on exact same technologies/skills. • CERTIFIED SCRUM

$500 USD in 7 days
(18 Reviews)

Hi there! May Peace Be Upon You !! I am a Certified Ethical Hacker and Pen Tester. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. @Certified at Windows Sec

$555 USD in 10 days
(8 Reviews)

Hi Dear I read your requirements carefully and understand of all. I have a lot of experience with Web Security, Cryptography, software architecture and so on. Please touch me. I will provide good service for you. Regar

$500 USD in 20 days
(1 Review)
$555 USD in 10 days
(0 Reviews)
$555 USD in 10 days
(0 Reviews)

Hello, I am a CISSP, CISM and Principal security architect based in Houston TX with over 10 years experience in Information security, HIPAA and other regulatory compliance standards. Let's discuss your project. R

$250 USD in 1 day
(0 Reviews)

This can be achieved in the suggested period of time. Post completion you will be shared with the report of the findings.

$250 USD in 15 days
(0 Reviews)

Passionate IT Professional with 12+ years of experience and a good track record of Microsoft technology stack includes web apps technology, Sql, Azure, DevOps, .Net, Aws, Docker, Ansible and containerization Technology

$250 USD in 19 days
(0 Reviews)