FAIRWARNING® Best-of-breed HIPAA Privacy Auditing
Background on HIPAA Privacy Auditing

The Department of Health and Human Services introduced HIPAA to establish standards for the security of health information. HIPAA sections 164.308, 164.312 and 164.306 outline specific standards that have been laborious and time-consuming for organizations that deal in protected health information:
▪ Implement policies and procedures to prevent, detect, contain and correct security violations
▪ Implement procedures to regularly review records of information system activity such as audit logs, access reports and security incident tracking reports
▪ Identify and respond to suspected or known security incidents; mitigate harmful effects of security incidents
▪ Establish procedures that record and examine activity in information systems that contain or use Protected Health Information (PHI).
The FairWarning® Privacy Auditing HIPAA Solution

FairWarning addresses these core aspects of compliance by providing out-of-the-box capabilities such as:
▪ Compliance auditing that is capable of constructing a detailed forensic trail across multiple systems, applications, users and transactions
▪ A centralized audit log repository that is highly scalable and flexible so that a growing number of audit log sources can be added
▪ Rapid incident investigation including the ability to construct custom queries that involve transactions or activities across multiple systems and applications
▪ Rapid construction of custom queries involving specific date ranges and unlimited combinations of applications, systems, fields, field types and users
▪ Correlated security events involving users, applications, systems and data fields
▪ Monitoring and alerting for security incidents
▪ Flexible support for application, system and custom audit logs
While the specific legislative requirements are sometimes vague, some core elements of information security compliance are the same. The need to perform comprehensive audits, centralize audit logs, conduct incident investigations with a forensic trail, monitor for reasonably anticipated security incidents, and provide for years of archived security information are all core elements of legislated information security compliance requirements.