There are 154 separate risks underlying the HIPAA compliance security standard. Addressing and continually monitoring each of these risks individually can be an enormous task for a security officer. SIEM technology allows most of these risks to be identified, addressed and monitored.
SIEM technology allows for the collection of security events across devices, with automated cross-correlation of activity. HIPAA specific use cases built into a SIEM tool allow ePHI risks to be displayed in dashboards, channels, or reports.
For example, the login events from a Windows Active Directory server can be correlated against access events from a badge reader system. Where a login of an employee with credentials to a system containing ePHI does not match the recent access logs from the badge reader system, an alert is sent to the Security Officer. This alert contains actionable information to allow for fast remediation of a potential compliance issue. If the Security Officer wishes to look deeper into the issue, they can then open a web based portal to the SIEM, verify both login and badge reader activity and quickly resolve a potential breach of Access control and Validation procedures – Physical Safeguard §164.310(a)(2)(iii).
Use cases such as the above example can be created for the majority of the Security Standards.
The framework for ePHI compliance can be built into the structure of SIEM content, allowing for compliance to be reviewed by the individual security standards.Reviewing the reports, dashboards, and channels by Security Standard allows a Security Officer to identify compliance gaps, and monitor their remediation. Should the Security Officer face a HIPAA audit, they can pull up reports by Security Standards all from a single interface.
Proficio’s ProView web portal provides reports and dashboards tailored to specific HIPAA requirements allowing security and compliance officers to quickly visualize their compliance posture.