PCI DSS

The Perfect Rx for HIPAA Compliance

AlienVault Unified Security Management™ (USM) helps you simplify and accelerate HIPAA compliance with a full set of essential security capabilities all built into one complete solution.

Explore the Online Demo

Trusted by thousands of customers.

SubaruAmy'sHard Rock CafeHuluU.S. Air ForceeHarmonyABPBenaissanceOklahoma UniversityUbisoftWintershallTHSBNemo ExpressProgressSkyhighZioskSave Mart SupermarketsHigh Plains BankEpsilon Systems SolutionsPeet's Coffee and TeaPepco Holdings IncDaveyFlorida Heart Research InstituteRegis UniversityLifespan BioscienceThe New York Times

Accelerate and Simplify HIPAA Compliance Management

Traditional SIEM products aren’t sufficient for meeting HIPAA compliance requirements and keeping up with today’s changing cyber security landscape. They’re costly, complex, and take too long to deploy.

AlienVault USM™, with its unique unified approach, delivers a more comprehensive solution that costs less and delivers results in significantly less time.

Request a Demo

Read the Solution Brief

USM Sample HIPAA Report

AlienVault USM provides you with the functionality you need to measure HIPAA compliance, in a single platform:

  • Discover all IP-enabled assets, including OS details
  • Identify vulnerabilities like unpatched software or insecure configurations
  • Correlate security events automatically with over 2,500 predefined correlation directives
  • Detect threats already in your network, like botnets, trojans & rootkits
  • Understand the objectives of threats targeting your network
  • Speed incident response with built-in remediation guidance for every alert
  • Monitor and report on security controls required for HIPAA compliance

Threat Intelligence for HIPAA Compliance

IT teams of all sizes suffer from too much log data and not enough threat intelligence, as security tools generate a steady stream of alerts about important (and not so important) activity. Without deep security expertise you are then required to conduct research into each alarm to understand the significance of each alarm and what to do about it.

AlienVault USM’s integrated threat intelligence from AlienVault Labs eliminates the need for you to spend precious time conducting your own research. The AlienVault Labs team regularly delivers threat intelligence as a coordinated set of advanced correlation rules and product updates, including up-to-the-minute guidance on emerging threats and context-specific response advice, which accelerates and simplifies threat detection and remediation.

Threat Detection for
Healthcare Organizations

According to the Identity Theft Resource Center, healthcare organizations suffered 42.5% of breaches identified in 2014. It’s impossible to stop a dedicated, patient attacker from penetrating even the most secure network. Therefore, it’s essential to detect and respond to attacks as quickly as possible.

At AlienVault, we help healthcare organizations of all sizes achieve world-class threat detection and incident response without the headaches and huge expense of other solutions. Our unified approach puts hours back in your day with automated threat detection and integrated threat intelligence that eliminate manual, time-consuming log analysis and threat research.

AlienVault USM has helped healthcare organizations like Shriners Hospitals, Kaiser Permanente and Novo Nordisk accomplish these key tasks:

  • Identify vulnerabilities on assets that store electronic protected health information (ePHI)
  • Maintain an audit log of who has accessed ePHI
  • Identify systems communicating with malicious IPs, a sign of possible compromise
  • Identify and respond to security incidents; including remediation advice for every alert

Comprehensive Reporting and
Log Management for
HIPAA Compliance

HIPAA Standard § 164.312(b) — Audit Controls states that you must “Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.” AlienVault USM is updated regularly with new compliance reports as these regulatory standards evolve, greatly reducing the time required to assess HIPAA compliance. In addition, AlienVault USM’s intuitive reporting interface simplifies adherence to this standard with its easy to use interface and integrated scheduling functionality.

HIPAA Compliance Standard § 164.312(c)(2) deals with data integrity and requires that any covered organization “Implement electronic mechanisms to corroborate that electronic protected health information has not been altered or destroyed in an unauthorized manner.”

Alienvault USM helps entities satisfy this requirement by providing File Integrity Monitoring (FIM) on files as well as Windows registry entries and digitally signed audit logs. AlienVault USM’s FIM feature performs regular audits on files (ePHI, security configuration, or other sensitive files) by comparing its current hash state with a recorded baseline, alerting you to changes to the files makeup as well as permissions, file owner, and last modified time.

To ensure that the logs themselves have not been tampered with, AlienVault USM includes a mechanism to validate the authenticity of stored logs by digitally signing them at the block or line level. This confirms that your logs have remained unaltered while stored in the USM logger and allows for them to be admissible in a court of law.

AlienVault USM Covers Key HIPAA Requirements

§164.308 – Risk Analysis

Conduct an accurate assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of ePHI.
Learn more about Risk Analysis
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Asset discovery
  • Vulnerability assessment
  • Network intrusion detection (NIDS)
  • Host intrusion detection (HIDS)
  • File integrity monitoring (FIM)
  • SIEM
  • Risk scoring & analysis
  • Built-in asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, and security intelligence—provides a complete picture of your risk posture, within hours of deployment.
  • Accurate and consolidated asset inventories combined with real-time vulnerability assessment data is essential for auditor reviews and assessments.
  • Accelerated audit procedures because integration is already completed—as soon as you install USM.

§164.308 – Information System Activity Review

Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.
Learn more about Information System Activity Review
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Vulnerability Assessment
  • Network Intrusion Detection (NIDS)
  • Host Intrusion Detection (HIDS)
  • File Integrity Monitoring (FIM)
  • SIEM
  • Behavioral Monitoring
  • Log Management
  • Built-in asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, and security intelligence— reduces the cost and complexity of compliance.
  • Unified log review and analysis, with triggered alerts for high risk systems (containing ePHI).
  • Customized, action-oriented alerts which tell you exactly what to do, rather than add to the noise.
  • Integrated threat intelligence powered by AlienVault Labs acts like your own dedicated team of analysts.

§164.308 – Access Authorization, Establishment, and Modification

Implement policies and procedures that grant, establish, document, review, and modify a user’s access to assets.
Learn more about Access Authorization, Establishment, and Modification
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Asset discovery
  • Host intrusion detection (HIDS)
  • File integrity monitoring (FIM)
  • SIEM
  • Automatically discover all ePHI assets via built-in asset discovery—no costly and complicated integration required.
  • Monitor changes to critical files with built-in file integrity monitoring (FIM).

§164.308 – Log-in Monitoring

Procedures for monitoring log-in attempts and reporting discrepancies.
Learn more about Log-in Monitoring
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Host intrusion detection (HIDS)
  • SIEM
  • Built-in HIDS monitors all activity on critical files and systems.
  • Built-in SIEM correlates events that could signal policy violations such as unauthorized logins followed by additional security exposures such as data exfiltration.
  • Unified security management dashboards and reports facilitate audit reviews.

§164.308 – Protection from Malicious Software

Procedures for guarding against, detecting, and reporting malicious software.
Learn more about Protection from Malicious Software
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Vulnerability assessment
  • Network intrusion detection (NIDS)
  • Host intrusion detection (HIDS)
  • File integrity monitoring (FIM)
  • SIEM
  • Behavioral monitoring
  • Built-in vulnerability assessment discovers hosts and applications that may be vulnerable to malware and other exploits.
  • Built-in intrusion detection (NIDS and HIDS) detects and alerts on potential infections and exposures.
  • Built-in file integrity monitoring (FIM) alerts on changes to critical files which could signal malicious intent or malware infection.
  • Unified essential security delivers the security intelligence required to respond to and contain malware outbreaks.

§164.308 – Password Management

Procedures for creating, changing, and safeguarding passwords.
Learn more about Password Management
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Vulnerability assessment
  • Host intrusion detection (HIDS)
  • File integrity monitoring (FIM)
  • SIEM
  • Built-in, automated vulnerability assessment identifies the use of weak and default passwords.
  • Built-in host intrusion detection and file integrity monitoring will signal when password files and other critical system files have been modified.
  • The built-in event correlation engine connect critical, yet related events across systems such as a password change followed by exfiltration of data from the same device.

§164.308 – Security Incident Response and Reporting

Identify and respond to suspected or known security incidents; mitigate harmful effects of known security incidents and document security incidents and their outcomes.
Learn more about Security Incident Response and Reporting
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Vulnerability assessment
  • Network intrusion detection (NIDS)
  • Host intrusion detection (HIDS)
  • File integrity monitoring (FIM)
  • SIEM
  • Behavioral monitoring
  • Log management
  • Situational awareness
  • Built-in asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, and security intelligence—accelerates the incident response process.
  • Unified log review and analysis, with triggered alerts for high risk systems (containing ePHI).
  • Customized, action-oriented alerts which tell you exactly what to do next when responding to incidents
  • Integrated threat intelligence powered by AlienVault Labs acts like your own dedicated team of analysts.

§164.310 – Device and Media Controls

Implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain ePHI.
Learn more about Device and Media Controls
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Host intrusion detection (HIDS)
  • File integrity monitoring (FIM)
  • SIEM
  • Built-in HIDS will alert on policy violations such as attempted use of external storage media on critical systems (e.g. USB drives).
  • Built-in file integrity monitoring (FIM) captures anomalous changes to critical files containing ePHI.
  • Event correlation rules provide the situational awareness needed to identify the potential exfiltration of ePHI.

§164.312 – Encryption and Decryption

Implement a mechanism to encrypt and decrypt ePHI.
Learn more about Encryption and Decryption
Relevant USM CapabilitiesBenefits of Unified Security Management
  • Asset discovery
  • Behavioral monitoring
  • Host intrusion detection (HIDS)
  • Network intrusion detection (NIDS)
  • Automatically discover all ePHI assets via built-in asset discovery—no costly and complicated integration required.
  • AlienVault’s USM will detect and alert when encryption or decryption procedures are not implemented correctly.

Learn More About HIPAA Compliance

Browse all Resources

Get Price Free Trial Chat