Chapter 3 System Highlights
UNIVERGE NEAX 2000 IPS Request For Proposal (RFP) Reference Guide Page 3-23
Issue 6
System Compliance HIPAA Summary
The security standards set forth within HIPAA require encryption; authentication and audit trail
measures to safeguard patient medical information during electronic data interchange (EDI)
transactions between healthcare providers and third party reimbursement entities. These measures
impact how patient medical information is exchanged, as well as accessed within a facility’s data
network. Claims transmissions using Internet, intranets, extranets or private data networks are subject
to HIPPA security standards as previously outlined.
HIPAA Compliance
Patient medical data is not accessed, stored or otherwise exchanged over a healthcare facility’s private
branch exchange (PBX). However, an NEC manufactured private branch exchange does provide the
flexibility to create detailed call accounting records that can be utilized to audit or otherwise track
utilization of a facility’s NEC telecommunications system and/or PBX. A NEC PBX can also be
configured to restrict access to designated telephone extensions. Furthermore, an NEC PBX can also
be configured to utilize password access to individual telephones, voice mailboxes, etc. for purposes of
end user authentication.
So, under the guise of the security standards within HIPAA, NEC Private Branch Exchange
equipment is HIPAA compliant and does provide the necessary security measures for use within any
business setting that is subject to administrative rules outlined with the Health Insurance Portability and
Accountability Act.
Department of Defense Compliance
The NEC NEAX 2000 Internet Protocol Switch (IPS) with software release D1.8.20, hereinafter referred
to as the system under test (SUT), meets all of its critical interoperability requirements and is certified
for joint use within the Defense Switched Network (DSN) as a Private Branch Exchange (PBX) 2.
However, since PBX2s do not support the Military Unique Feature Requirements detailed in reference
(c), connectivity to the DSN is not authorized until a waiver is granted by the CJCS. PBXs are Military
Department (MILDEP) controlled elements of the Defense Switched Network (DSN). PBX2 switches
have no military unique features (MUFs) and can only serve Department of Defense (DOD), non-DOD,
non-governmental, and foreign government users having no missions or communications requirement
to ever originate or receive Command and Control (C2) communications. C2 users and Special C2
users are not authorized to be served by a PBX2. This interoperability test status is based on
evaluation of Chairman of the Joint Chiefs of Staff (CJCS) validated Generic Switching Center
Requirements (GSCR) for PBX2s and the overall system interoperability performance. The SUT also
offers a Voice over Internet Protocol capability; however this capability is not covered under this
certification.
This statement was obtained from a Department of Defense document posted on there web site and full
copy of the compliance document can be downloaded from the following link.