Cisco SDA's micro-segmentation CJIS and HIPAA compliant?

bhng · ‎11-12-2019

Team, In preparation for our customer Alameda County's Executive Briefing Review could you please advise whether our Cisco SDA's micro-segmentation using Virtual Networks is CJIS for law enforcement and HIPAA for health care compliant?

Today Alameda County needs to have separate physical equipment (FW's, Routers, Switches, Wireless AP's, WLC controllers) for the Sheriff's Office. Therefore, if Cisco SDA's micro-segmentation can be used to offer to logical separation while meeting the CJIS compliance needs this could be a good selling point for our Cisco SDA solution.

Thanks.

Bill Ng

bhng@cisco.com

(408)894-1968

Scott Hodgdon · ‎11-12-2019

Bill,

Cisco SD-Access micro-segmentation is comprised of two components: VNs (VRFs) and SGTs. Both of these have been certified as PCI compliant on their own and have been deployed in healthcare organizations for years. One of the first deployments of Cisco SD-Access was with Children's Hospital in Los Angeles (https://www.cisco.com/c/en/us/solutions/enterprise-networks/children-hospital-los-angeles.html), and I cannot imagine they would have been able to deploy with HIPAA compliance. I am not familiar with CJIS compliance.

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking Group

bhng · ‎11-13-2019

CJIS is Criminal Justice Information Services:

https://www.ftptoday.com/blog/what-is-cjis-compliance

Is Cisco SDA’s CJIS compliant?

Thanks.

Bill Ng