We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Security Gateway

HIPAA Compliance and the Barracuda Web Security Gateway

  • Last updated on

To protect leakage of sensitive data and to provide HIPAA compliance, the Barracuda Web Security Gateway can be configured to detect, capture and archive specific data patterns such as credit card numbers, Social Security numbers (U.S.), HIPAA and privacy information. Use the Suspicious Keywords and Data Patterns feature on the BLOCK/ACCEPT > Web App Monitor page to configure. See also How to Configure Web Application Monitoring.

SSL Inspection and HIPAA Compliance

When the SSL Inspection feature is turned on, the Barracuda Web Security Gateway can be configured to decrypt HTTPS content in user web requests, including search strings, chat/share/comments and other content in order to capture that content and archive if necessary. Note that, in order to comply with HIPAA regulations, domains belonging to the categories Finance & Investment (in the Commerce supercategory) and Health & Medicine (in the Information supercategory) SHOULD NOT BE SSL inspected. If those categories are added to the Inspected Categories table in the Inspected Categories section of the ADVANCED > SSL Inspection page, all domains in those categories will be exempt from SSL Inspection to comply with HIPAA regulations. See also Using SSL Inspection With the Barracuda Web Security Gateway.

 

Last updated on