HIPAA

The Health Insurance Portability and Accountability (HIPAA) regulation impacts healthcare organizations that exchange patient information electronically. HIPAA calls for tightly controlling and monitoring access to confidential patient information.

One of the specific requirements in HIPAA relates to the collection, analysis and preservation of system and application event logs that document the access to electronic protected health information (EPHI).

Event logs represent the best way to monitor and record access to EPHI. With an effective Security Information and Event Management (SIEM) solution in place, health care providers and other covered entities have the ability to:

• collect and analyze event logs throughout the facility
• diagnose security problems and prevent information breaches by detecting patterns of activities in real-time
• maintain an audit trail that can be shown to Auditors to demonstrate compliance with the HIPAA rules