Consul Announces HIPAA Regulatory Compliance Management Module for Insight Security Manager.HERNDON, Va. -- Provides Continual Auditing of User Behavior and Data Access to Facilitate HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, Compliance Consul risk management, Inc., the worldwide provider of security event audit and compliance solutions for the enterprise, today announced a new Regulatory Compliance Management Module to help organizations comply with the HIPAA Security Rule. The new HIPAA Regulatory Compliance Management Module for Consul InSight Security Manager(TM) 5.0 (Consul InSight(TM)) provides vital capabilities for compliance with HIPAA. With the HIPAA Regulatory Compliance Management Module, Consul InSight helps organizations tackle the HIPAA Security Rule's audit and risk assessment requirements by continually auditing user behavior and data access for policy compliance. This is critical as the April 2005 deadline for HIPAA security compliance approaches. "Organizations are grappling with looming deadlines for HIPAA compliance, and many are baffled about how to achieve it," said Joseph Sander, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Consul. "Audit and risk assessment play critical roles in the regulation; Consul has been assisting companies with these issues for more than two decades. With the addition of the HIPAA Regulatory Compliance Management Module, Consul InSight is making it even easier for organizations affected by HIPAA to demonstrate compliance within the deadline and maintain these security/privacy processes." "Consul InSight helps fulfill our HIPAA audit and logging requirements by archiving audit logs and monitoring root and administrator account usage," said Rob Hoffpauir, senior systems engineer at Louisiana Health Service & Indemnity Company. "Not only does Consul InSight assist with HIPAA compliance, but it also helps us to meet our internal audit requirements by monitoring, archiving and investigating security events throughout the enterprise." HIPAA: Challenging Requirements, Looming Deadlines Finalized in 2003 to improve the overall security of healthcare information systems and protect patient's privacy, the Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when of 1996 (HIPAA)'s Final Security Rule contains a looming April 2005 deadline. All impacted health care organizations must have plans to ensure the confidentiality, integrity and availability of protected health information protected health information Health informatics Any individually identifiable health informatlon that is used or circulated by an entity that falls under the governance of HIPAA; the privacy regulations mandate safeguards for protected health information, and the that a covered entity receives, maintains or transmits. Two of the more challenging requirements in the Security Rule involve audit and control, and risk assessment. Organizations need to select a compliance approach that not only allows them to meet the April 2005 deadline, but also enables them to maintain compliance going forward. Meeting HIPAA Auditing, Logging and Risk Management Requirements The HIPAA Regulatory Compliance Management Module is an integrated add-on to Consul InSight. Consul InSight helps organizations meet HIPAA's audit and logging requirements by collecting and centralizing cen·tral·ize v. cen·tral·ized, cen·tral·iz·ing, cen·tral·iz·es v.tr. 1. To draw into or toward a center; consolidate. 2. security log data from heterogeneous sources, filtering collected information against security policy and automatically triggering appropriate actions and alerts upon detecting suspicious activities. In addition, Consul InSight archives normalized log data for forensic review and provides consolidated viewing and reporting through a central dashboard. The HIPAA Security Rule specifies that covered entities must conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of electronic protected health information held by the covered entity. With this risk assessment being so fundamental to HIPAA compliance, organizations must quickly align the reality of their business operations Business operations are those activities involved in the running of a business for the purpose of producing value for the stakeholders. Compare business processes. The outcome of business operations is the harvesting of value from assets with their information protection and compliance requirements Compliance requirements are a series of directives established by United States Federal government agencies that summarize hundreds of Federal laws and regulations applicable to Federal assistance (also known as Federal aid or Federal funds). . Consul InSight provides organizations with a quick and accurate way to baseline users and IT assets, benchmark access behavior, establish access policy, and identify and report policy exceptions. Consul InSight uses its patent-pending W7 methodology (Who did What, When, Where, Where from, Where to and on What) to consolidate, normalize normalize to convert a set of data by, for example, converting them to logarithms or reciprocals so that their previous non-normal distribution is converted to a normal one. and analyze vast amounts of user and system activity, delivering instant alerts and reports on who touched what information and how those actions may violate external regulations or internal security policies. By comparing user activity to customizable HIPAA policy templates, Consul InSight accelerates organizations' HIPAA compliance efforts. Implementation of Consul InSight accelerates compliance in the following ways: 1. Specific recommendations for audit and alert configuration allow for the proper generation of information needed for security event management. This audit trail of all network activity easily highlights events that violate HIPAA security policy. 2. Customizable security policies that are designed to enable compliance to HIPAA. 3. Real-time alerts and 100-plus compliance relevant reports enable organizations to track, measure and resolve security breaches related to HIPAA-relevant data. 4. Guidelines and technology for archiving crucial security log information to meet security best practices that are relevant to HIPAA, as well as other standards, such as ISO (1) See ISO speed. (2) (International Organization for Standardization, Geneva, Switzerland, www.iso.ch) An organization that sets international standards, founded in 1946. The U.S. member body is ANSI. 17799 and COBIT (Control OBjectives for Information and related Technology) A business-oriented set of standards for guiding management in the sound use of information technology from the Information Systems Audit and Control Association (ISACA) (www.isaca.org). . 5. Forensic capabilities provide drill-down, cross-platform investigative functionality to simplify the required investigation of HIPAA-related security events. More information about how the new HIPAA Regulatory Compliance Management Module for Consul InSight facilitates HIPAA Security Compliance is available online at: www.consul.com. Pricing and Availability The HIPAA Regulatory Compliance Management Module for Consul InSight will be available at the end of 2004. Pricing will start at $30,000. About Consul InSight(TM) Security Manager The Company's flagship product A primary product of a company, which is typically why the company was founded and/or what made it well known. For example, MS-DOS, Windows and the Microsoft Office suite have been flagship products of Microsoft. CorelDRAW is a flagship product of Corel Corporation. , Consul InSight, delivers powerful, automated security event audit and compliance software that monitors, reports and investigates both malicious and accidental violations. Only Consul InSight uses a patent-pending W7 methodology to consolidate, normalize, and analyze vast amounts of user and system activity, delivering instant alerts and reports on who touched what information and how those actions may violate external regulations or internal security policies. New Sarbanes-Oxley, GLBA GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GLBA Gay and Lesbian Business Association GLBA Great Lakes Booksellers Association GLBA Glacier Bay National Park and Preserve and ISO 17799 Regulatory Compliance Management Modules for Consul InSight act like an auditor to streamline compliance efforts, offering regulation-specific, out-of-the-box policy templates, a dashboard and dozens of regulation-specific reports. About Consul risk management, Inc. Consul risk management, Inc., a worldwide leader in security event audit and compliance solutions delivers to the market "The InSight Required" for sound compliance, security event management, and identity and access management initiatives. With its roots as the premier provider of mainframe administration and audit products, Consul's enterprise solutions monitor, report and investigate both malicious and accidental violations of information use against external regulations and internal policies. Consul has more than 300 customers in nearly two-dozen countries, including the Philadelphia Stock Exchange Philadelphia Stock Exchange (PHLX) A securities exchange trading American and European foreign currency options on spot exchange rates. , Fidelity Financial Services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. , Kroger, Wachovia, The New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of Times, Blue Cross/Blue Shield, Office Depot Office Depot (NYSE: ODP) is one of the world's leading suppliers of office products and services. The Company's selection of brand name office supplies includes business machines, computers, computer software and office furniture, while its business services encompass copying, , Ford and many government agencies. Named "Organization of the Year" by ISSA (Information Systems Security Association, Bellingham, WA, www.issa.org) A membership organization that promotes effective management practices for computer security. Founded in 1982, ISSA has chapters in more than 20 countries and hosts an annual conference. (Information Systems Security Association), the Company has dual headquarters in the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. and The Netherlands and is represented by 25 partners worldwide, including BMC Software BMC Software, Inc. NYSE: BMC, is an American enterprise management software provider, focusing on IT infrastructure applications. BMC was founded in 1980 and is headquartered in Houston, Texas. . For additional information about Consul and its products, services and partners, please contact Consul at 1 800.258.5077 or +31 (0) 15.251.3333 (Worldwide), or at www.consul.com. Consul InSight, Consul InSight 5.0, Consul InSight Security Manager (and "The InSight Required") are trademarks of Consul risk management, Inc. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion