The Health Insurance Portability and Accountability Act (HIPAA) regulation impacts those in healthcare that exchange patient information electronically. HIPAA regulations were established to protect the integrity and security of health information, including protecting against unauthorized use or disclosure of the information.

HIPAA states that a security management process must exist in order to protect against “attempted or successful unauthorized access, use, disclosure, modification, or interference with system operations”. When breach of medical records occurs, healthcare service providers damage their brand value and end up paying a hefty monetary penalty.

EventLog Analyzer can easily monitor both perimeter devices, such as IDSs, as well as insider activity. HIPAA regulations mandate analysis of all logs, including OS and application logs.

164.308(a)(1)(ii)(D) – Object Access

• Object Accessed
• Object Created
• Object Modified
• Object Deleted
• Object Handle

164.308(a)(3)(ii)(A) & (a)(4)(ii)(B) – Account Logon

• Successful User Account Validation
• Unsuccessful User Account Validation

164.308(a)(5)(ii)(C) & (a)(6)(ii) – Logon

• Successful User Logons
• Successful User Logoffs
• Unsuccessful User Logons
• Terminal Service Session

164.308(a)(7)(i) – System Events

• System Logs

Audit Logs Clearedv