Healthcare Security Compliance Automation Module User Guide
Although HIPAA, HITECH, and Promoting Interoperability compliance requirements are closely related, this blended compliance module has been designed to support the specific needs of each regulation. The package can be implemented as a whole, but lists can also be updated and added individually to fulfill different reporting needs.
With HIPAA, the entity structure should be built around the scope determined by the risk assessment performed for the Security Rule. Once the risk assessment and data discovery are complete, each in-scope device can be placed into a dedicated HIPAA entity within LogRhythm’s Deployment Manager. Those entities can then be categorized in the entity lists of the Healthcare Security Compliance Automation Suite. After the entity lists are populated, there is no need to update log source lists for HIPAA; maintaining the entity structure automatically keeps the suite’s module objects up to date. The entity structure captured in the entity lists forms the backbone of the Healthcare Security Compliance Automation Suite.
For HITECH, the suite provides a series of log source lists. These can be added to or removed from objects as needed for any level of granularity during the configuration and validation of the module implementation. HITECH brings “burden of proof” requirements to healthcare compliance, and there are cases where log source lists are preferable to entity lists. For example, file integrity monitoring may run on a host as one log source, but reporting from the entity list produces potential white noise because each device running file integrity monitoring also has several other log sources. In that case, a report or alert might be configured to use the “HSS: File Integrity Monitoring Systems” log source list instead. In addition, Case Management is well suited for storing breach information and evidence that can be used for “burden of proof.”
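The entity-scope versus log-source-list scope trade-off described above, as an added illustration that is not part of this guide or of LogRhythm’s own code. It models a constructed, hypothetical deployment (host names, entity names and events are made up) and shows how a file integrity monitoring report scoped by entity picks up unrelated log sources on the same hosts, while the same report scoped by a FIM log source list returns only FIM events.

```python
from collections import Counter

# Constructed sample deployment (hypothetical names): each host's Deployment
# Manager entity and the log sources collected from it.
LOG_SOURCES = [
    {"host": "ehr-app-01", "entity": "HIPAA: Clinical Systems", "type": "FIM"},
    {"host": "ehr-app-01", "entity": "HIPAA: Clinical Systems", "type": "Windows Security"},
    {"host": "ehr-db-01", "entity": "HIPAA: Clinical Systems", "type": "FIM"},
    {"host": "ehr-db-01", "entity": "HIPAA: Clinical Systems", "type": "Syslog"},
    {"host": "billing-01", "entity": "HIPAA: Billing", "type": "FIM"},
    {"host": "guest-wifi-01", "entity": "Corporate", "type": "Syslog"},
]

# A log source list, as the guide uses the term: specific log sources, not whole entities.
FIM_LOG_SOURCE_LIST = [ls for ls in LOG_SOURCES if ls["type"] == "FIM"]

# Constructed sample events in the form "host|log source type|message".
EVENTS = [
    "ehr-app-01|FIM|C:\\EHR\\config.xml modified",
    "ehr-app-01|Windows Security|4624 logon success",
    "ehr-app-01|Windows Security|4634 logoff",
    "ehr-db-01|FIM|/etc/shadow permissions changed",
    "ehr-db-01|Syslog|cron: backup job started",
    "billing-01|FIM|/opt/billing/rates.csv modified",
    "guest-wifi-01|Syslog|dhcp lease renewed",
]

def parse(line):
    host, source_type, message = line.split("|", 2)
    return {"host": host, "type": source_type, "message": message}

def scope_by_entity(events, entity_list):
    """Entity-list scoping: every log source on every host in the listed entities."""
    hosts = {ls["host"] for ls in LOG_SOURCES if ls["entity"] in entity_list}
    return [e for e in map(parse, events) if e["host"] in hosts]

def scope_by_log_source_list(events, source_list):
    """Log-source-list scoping: only the listed (host, type) pairs, whatever their entity."""
    keys = {(ls["host"], ls["type"]) for ls in source_list}
    return [e for e in map(parse, events) if (e["host"], e["type"]) in keys]

def noise_breakdown(scoped, wanted_type):
    """Split scoped events into those of the type the report is about and everything else."""
    c = Counter(e["type"] == wanted_type for e in scoped)
    return {"signal": c[True], "noise": c[False]}

if __name__ == "__main__":
    by_entity = scope_by_entity(EVENTS, {"HIPAA: Clinical Systems"})
    by_list = scope_by_log_source_list(EVENTS, FIM_LOG_SOURCE_LIST)
    print("entity scope:", noise_breakdown(by_entity, "FIM"))    # {'signal': 2, 'noise': 3}
    print("FIM list scope:", noise_breakdown(by_list, "FIM"))    # {'signal': 3, 'noise': 0}
```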
Promoting Interoperability support within the suite is oriented toward ensuring the use of Electronic Health Records (EHR). A series of objects is configured to track and report on the utilization and activity of Eligible Professionals. More specifically, the module is set up with a baseline to help identify whether Electronic Health Records are being used at all. If Electronic Health Records are not being used by Eligible Professionals, and specific transactions do not occur regularly, the organization may incur a finding. Dashboards can then be configured to track Eligible Professional utilization statistics, and Case Management can be used for tracking, association, and reporting.