Five Ways to Use Security Intelligence to Pass Your HIPAA Audit

e-book Five Ways to Use Security Intelligence to Pass Your HIPAA Audit

HIPAA audits on the way

2012 is shaping up to be a busy year for auditors. Reports indicate that the Department of Health and Human Services Office for Civil Rights will be conducting as many as 150 HIPAA audits throughout the year. Audit targets will vary based on size, business type, and previous violations, although it is reported that the latter will be less of a focus. Right now, we don't know how invasive the audits will be, who will be targeted, and when exactly they will begin, but we do know that audits are coming. Is your organization at risk? Are you prepared? To help you make sure you're in shape to face the auditors' knock, here are a few tips on how to make passing a HIPAA audit much less painful by using Security Intelligence to your advantage.

43%: Percentage of [healthcare] organizations that grade their ability to counter information security threats as poor, failing or in need of improvement. Source: 2011 ISMG Healthcare Information Security Survey

1. Log, store, and correlate events along with network activity to create a baseline

Consolidating data, storing logs, and correlating events and network activity will help you gather a baseline of data needed to show compliance. Healthcare data often resides in disparate systems across the organization. If you have only a month to prepare for a HIPAA audit, will you be ready in time? Think back to the last time you had to search logs for important information. How many people were involved? How many hours, or days, did you waste? If you have a small team, how did this impact your ability to address other issues?

Recommendations

The key to making sure you are able to prepare for an audit in a short amount of time lies in the ability to quickly and easily access your data; this is where an intelligent, automated and integrated solution like the QRadar Security Intelligence Platform comes into play. In a recent QRadar deployment, Arkansas Children's Hospital was able to consolidate, filter, and protect their growing silos of log data. Not only were they able to quickly deploy QRadar, the security team found that it immediately integrated with existing log-producing sources and helped them identify potential offenses in real time. Centralizing log events from sources containing critical patient information and using automated reporting functions enabled them to go beyond compliance and achieve total security intelligence. Watch this video to hear what other benefits Arkansas Children's Hospital gained from the QRadar Security Intelligence Platform.

26%: Percentage of organizations that have yet to conduct a risk assessment, as mandated under HIPAA. Source: 2011 ISMG Healthcare Information Security Survey

2. Use a risk management solution to address network and device vulnerabilities

A risk assessment will analyze your network and device configuration for potential vulnerabilities, shifting you from reactive to proactive in the way you manage threats. Demonstrate that you are aware of all activity and configurations across your network, and have vulnerabilities properly documented with evidence that they are actively being mitigated. Healthcare organizations are facing more frequent auditing and are continuously pressured to comply with various regulations, stages and rules. Risk management is crucial to satisfy compliance regulations, prevent exploits from occurring, and predict potential vulnerabilities. It provides the context needed to determine exact risk levels through device configuration and policy monitoring, and allows you to get in front of threats before they become a real problem.

Recommendations

The QRadar Security Intelligence Platform includes a comprehensive list of industry-specific policy templates for various healthcare mandates, including HIPAA, to help determine risk and prioritize actions. Out of the box, QRadar can help you catch vulnerabilities that otherwise would have gone undetected. Watch this video testimonial from Ohio Health, describing the benefits they saw from QRadar, including the ability to proactively prevent attacks and see threats before they become a problem.

"With the QRadar product, we're able to see a lot of things before they even occur, and prevent them up-front before it becomes a real problem. It's a very proactive tool. It helps us get in front of the things that we need to be in front of."
- Q1 Labs Customer, Ohio Health

3. Limit mobile devices to viewing data, not storing

Use, verify, and document encryption for media and mobile devices. The data on your mobile data device must be encrypted. If you back up the data from your device to another device that is not encrypted, the backup data must also be encrypted.

"I would expect to see, in the long run, a phase out of desktop computers and a phase in of mobile devices."
- Roger Baker, CIO of the Department of Veterans Affairs

Recommendations

How do you demonstrate that IT staff and users are adhering to this level of encryption policy? The only way is to monitor actual network activity. The QRadar Security Intelligence Platform's flow capabilities provide an advanced level of packet analysis, enabling recognition of applications and protocols such as VoIP, ERP, database appliances, and more. QRadar has the ability to examine every packet and pull this data together into one location, providing context and actionable information. This helps prevent employees from accessing private patient information, and misconfigured vulnerable systems from exposing the network to threats. Further, being able to demonstrate that you are in compliance with these policies can be easy using the hundreds of pre-built reports that address many of the major compliance regulations including HIPAA. Want to know the top daily security and policy offenses? How about the most targeted IPs for a given week?

"...ease of use was a big reason [we chose QRadar]. The second was the way it integrates with flow data - it just turned out to be an invaluable tool. [We get] visibility into the traffic flowing across our network - the information it brings to light sometimes scares you."
- Q1 Labs Customer, Arkansas Children's Hospital

4. Document a plan to achieve compliance and begin acting on it

It's important to show a good faith effort to the auditor(s). Even if you don't have every box checked and completed, put together a comprehensive list of goals and the steps needed to achieve each of them. For example, if a healthcare organization is in any way responsible for electronic transactions with partners or other organizations, it must comply with HIPAA code. If this organization cannot immediately show compliance, the second best option is to document its good faith efforts to comply with the standards and submit a corrective action plan. Some symbols of good faith in this case might be an increase in external testing with payment partners, attempts at testing with partners, and proof of any efforts to comply that took place before or after the audit.

Recommendations

Security intelligence can make the discovery, documentation and planning process straightforward. Through a centralized, browser-based console, QRadar offers a consolidated view of an organization's security environment. The console provides role-based access by function and a global view to access real-time analysis, incident management, and reporting. Users across the Information Security, Operations and Auditing teams can customize their own workspaces and drill down into specific events, network flows, or threats. To see a demonstration of how the QRadar Security Intelligence Platform can help you demonstrate compliance with mandates and internal policies, watch this video. A bonus tip: be sure to revise and update your security policies after every risk assessment.

23%: Percentage of organizations that have been breached in the last 12 months. Source: 2011 HIMSS Leadership Survey

5. Protect ePHI and PII at all costs

Electronic Medical Record (EMR) systems, billing systems, servers, x-ray machines, ultrasound devices, etc. can all hold Electronic Protected Health Information (ePHI). Make sure that your security intelligence solution includes the correct event sources and network traffic to properly secure and monitor ePHI. According to the 2011 HIMSS Leadership Survey, the top concern of senior IT security professionals in the healthcare industry is an internal breach of security. As more organizations move towards ePHI, this concern (and threat potential) will increase. To keep records secure, information security teams need real-time access to data showing unauthorized access to systems, to keep ePHI from being accessed, disseminated, or otherwise compromised, either intentionally or accidentally, from both internal and external sources.

Recommendations

The QRadar Security Intelligence Platform protects ePHI and PII by providing visibility across the entire infrastructure to deliver a manageable set of prioritized security threats along with identity information that is critical to rectify the situation. To quickly identify internal misuse, QRadar will display internal threats and integrate with pre-existing Identity and Access Management (IAM) solutions. Combined, these data sources develop a complete picture of an asset's user identity and behavior as well as vulnerability state, which is not available through IAM solutions alone.

[Figure: sample report "Daily HIPAA 164.312(e)(1) - 2, 3, & 4 Traffic to Trusted Segments from Untrusted Segments Details" / "PCI 4.1 - Protocols to Trusted Network Zones", Oct 5, 2010 12:00:00 AM - Oct 6, 2010 12:00:00 AM. Columns: Destination Port, Event Name (Unique Count), Log Source (Unique Count), Event Count (Sum), Category (Unique Count), Source IP (Unique Count), Destination IP (Unique Count), Username (Unique Count), Count.]

66%: Percentage of organizations whose top concern is compliance with HIPAA and preventing a security breach. Source: 2011 HIMSS Leadership Survey

Protect and comply with Security Intelligence

Security Intelligence can help you exceed the technical controls in HIPAA compliance mandates by improving your organization's ability to protect sensitive patient information and related data. This is accomplished by combining log management, SIEM, network behavior analysis, and risk management into a single solution. With real-time network behavior analysis, healthcare organizations have deeper visibility into the behavior profiles of systems, applications and users across their organization's entire network. As a result, product acquisition, deployment, and operational costs are a fraction of alternative point product solutions, thus maximizing return on investment, while minimizing security threats for healthcare organizations protecting critical patient data. To visualize how QRadar can keep you protected before, during and after an attempted breach, watch this video of the Security Intelligence timeline.

Want more information?

Visit: q1labs.com/healthcare
Read: Security Intelligence for Healthcare Brochure
Watch: Prioritizing Security and Compliance Management for Healthcare Organizations
