This new program is
targeted for small healthcare entities such as medical billing
services and small regional clearinghouses. When used, the words "believes,"
"estimated," "expects," "anticipates," "may" and similar expressions
are intended to identify forward-looking statements. To address growing information security
risks, the IT Governance Institute (ITGI) has released COBIT Security
Baseline, a free downloadable publication that contains 39 steps to improve
information security, essential advice and practical tools to help computer
users of all levels protect their systems.
COBIT Security Baseline includes six Information Security Survival Kits
targeted to boards of directors, senior executives, executives, managers,
professional users and home users/telecommuters.go2vanguard.

auditing securing

Free Survival Kits Help Protect Valuable Information at Every Level

ROLLING MEADOWS, Ill . Aiming to protect valuable
information assets against loss, misuse, disclosure or damage, the kits
include checklists outlining specific security risks, questions to ask and
action items to help organizations and individuals. The CC provides a
standardized way of expressing security requirements and defines the
respective set of rigorous criteria by which the product will be evaluated.
The evaluation will be completed by atsec information security
corporation, one of the world's leading vendor-independent IT security
consulting companies, and accredited in Germany by the Federal Office for
Information Security (BSI).

cisa dept

The EHNAC Commission seeks to accredit entities that send or
receive HIPAA regulated transactions, or that transport or process EDI
transactions between trading partners in the healthcare community. http://www.
"Securing the EAL3+ certification will be another clear testament to the
strength of Vanguard's products," said Ronn H.

forensic cisa

, Increased connectivity ,
portability and pervasiveness of computing make business transactions easier
and more affordable , but also greatly increase exposure to data theft,
viruses, fraud and loss of privacy. LAS VEGAS , Vanguard Integrity Professionals, the
world's leading developer of information security software for IBM's zSeries
Servers, announced today that it will begin EAL3+ certification of its
renowned Vanguard Security Solutions suite of products.

cert switch

0,
please go to http://www.
"Executives and users at all levels can refer to this publication often
because it provides guiding principles that need to be reinforced as IT
environments evolve.

rcmp aiming

Strong security helps improve an organization 's
reputation, reduces wasted effort and expenses incurred when recovering from a
harmful incident , and helps companies gain a competitive edge by safely
implementing new technologies.org at no
charge .org/bookstore. More information on these and other Vanguard
Integrity Professionals products is available online at
http://www.

trusted sofia

Vanguard Integrity Professionals Announces EAL3+ Certification Effort

Since 1986, customers have looked to Vanguard as the single-source solution
for increased security through robust software products, comprehensive
support, in-depth training programs, expert consulting, and security system
migrations.

Security Groups including sites to security groups from national or regional relevance.

qualification edp

----The Electronic
HealthCare Network Accreditation Commission (EHNAC) announced today it
has posted its new draft Healthcare Network Registry Criteria Version
5.0 on its web page for public review and comment.org

About EHNAC

EHNAC is an independent, not-for-profit accrediting agency that
provides independent peer evaluation of an organization's ability to
perform at industry -established levels.org

Note: This press release contains forward-looking statements that
reflect our current assumptions and expectations regarding future
events.
"There is no such thing as 100 percent protection, but organizations can
achieve a highly effective level of security by following the advice in COBIT
Security Baseline," said Erik Guldentops, CISA, CISM, advisor to ITGI . Bailey, Vanguard's Founder, CEO
+ CTO."
The Common Criteria (CC) is an internationally recognized ISO standard
(ISO/IEC 15408) used by the Federal government and other organizations to
assess security and assurance of technology products.

forensic issa

itgi. It is obvious that the trust in the
correct operation of Enforcer is as important as the trust in the security
functions of z/OS itself.

crypto relevance

isaca. "Thanks to the close collaboration between Vanguard, IBM and atsec, as
well as atsec's broad experience in security evaluation, customers will soon
benefit from security assurances and the seal of approval that will further
elevate our solutions in the marketplace. Continuously
monitoring that z/OS is still configured securely and has not been
accidentally or deliberately reconfigured in a way that would lower the level
of security needs to be part of the security management of a z/OS
installation. Each year,
Vanguard produces the world's pre-eminent security conference: the Vanguard
Enterprise Security Expo(TM).

securing crypto

EHNAC encourages all interested parties to review the draft
Healthcare Network Registry Criteria Version 5. To
review the draft Healthcare Network Registry Criteria Version 5.

IT Governance Institute Issues Information Security Survival Kits

"
According to the publication, the benefits of good information security go
beyond addressing risks. A printed version including laminated Survival Kit sheets is
available for US$20 from http://www.
Vanguard plans to pursue security certification for additional software. Vanguard's Professional Services specialize in assisting
organizations with the process of ensuring and protecting the integrity of
their Information Systems and the confidentiality of their data.com, or by calling 1-877-794-0014.

shmoocon intosai

The mission of EHNAC is to
promote standards, quality service, innovation, cooperation and open
competition within the healthcare EDI industry.EHNAC. Vanguard's Enforcer product can be an important piece of an
automated security monitoring process.

security intosai

Small entities involved in healthcare electronic commerce can use
these criteria to measure themselves against a core set of the
industry's most recognized standards for Healthcare Networks best
practices.

About ITGI and COBIT
The IT Governance Institute(R) (ITGI) (http://www. All trademarks are the properties
of their respective owners.

auditing issa

EHNAC Establishes New Draft HealthCare Network Registry Criteria; EHNAC is Developing a Program for Small Businesses Involved in Healthcare Electronic Commerce

resist rcmp

We expressly disclaim any intent or obligation to update any
forward-looking statements.itgi.

sofia cobit

Vanguard's commitment to accelerate the development and certification of
its world-class software products as secure, industrial strength security
solutions is further demonstration of Vanguard's commitment to quality and the
dedication to protecting the world's critical information infrastructure.

shmoocon crypto

The draft Healthcare Network Registry
Criteria will be available for public review for a period of 60 days
from the date of this press release."
COBIT Security Baseline can be downloaded from http://www.

rcmp dept

COBIT (Control
Objectives for Information and related Technology) issued by ITGI and now in
its third edition, is internationally accepted as good practice for control
over information, IT and related risks.

europes incident

After the review period has
completed the final version will be published and implemented.
These entities include clearinghouses , transactions processors,
value-added networks (VANs), payers, providers and provider management
organizations.org) was
established in 1998 to advance international thinking and standards in
directing and controlling enterprise information technology.
"Having z/OS set up securely is just the initial step. Having successfully finished the Common Criteria
evaluation of z/OS, atsec is proud to be selected as the laboratory to perform
the Common Criteria evaluation of Vanguard's Enforcer product," said Sal
LaPietra, President and CEO of atsec information security corporation .

Vanguard Integrity Professionals and Vanguard Enforcer are trademarks of
Vanguard Integrity Professionals -- Nevada.

cisa shmoocon

The Healthcare Network Registry Program
will rely on a core subset of EHNAC 's clearinghouse industry criteria,
long recognized as the most comprehensive statement of best practices
in the field. The first of
Vanguard's products to undergo the certification process will be Vanguard
Enforcer(TM), a host-based intrusion detection software product for the IBM
zSeries mainframe . It
is widely recognized among IT professionals, government agencies, and
customers as a seal of approval for mission-critical software.

aiming cisa

The Program will also enable successful registrants a way
to insure their customers that they will use their commercially
reasonable best efforts to meet the Program standards in their day to
day operations and services.0 posted on EHNAC's web
page and provide any comments. Under Common
Criteria, products are evaluated against strict standards for various
features, such as the development environment, security functionality, the
handling of security vulnerabilities, security related documentation and
product testing.

trusted resist

ehnac.

About Vanguard
Vanguard Integrity Professionals -- Nevada is a pioneer and recognized
world leader in security solutions for critical infrastructure computing.

cobit europes

"COBIT Security Baseline and its Survival Kits are very
timely, especially with regulatory compliance requirements such as
Sarbanes -Oxley and HIPPA right around the corner.

dept aiming

Some are offering services for security as CERT (Computer Emergency Response Teams).

resist edp

Business Editors/Healthcare Editors

FARMINGTON, Conn. Gaps in security are frequently caused by:

-- New technologies creating new vulnerabilities
-- Insufficient security awareness education and training
-- Lack of prompt maintenance and patching
-- Increased networking and mobile computing
-- Insufficient discipline over controls
-- Determined hackers, criminals and terrorists
-- Increased legislative, legal and regulatory security requirements

"We plan to use ITGI's publication as a handout in our 2005 information
security awareness program because everyone in our organization, from
employees to senior managers , and those who use their home computers to
perform company work, needs to be aware of information security risks and
their responsibilities," said Anthony Passaniti, head of information security ,
Swiss Re, USA.