Healthcare Security User Guide – Reports and Reporting Packages
Reports
Healthcare compliance reporting is broken into summary and detailed reports in order to present various audiences with appropriate forensic log data and audit requests. Summary reports provide a higher level of information that may be appropriate for some audit and management requests. On the other hand, detailed reports provide additional information and in some reports, raw log data, to facilitate IT Security and Operations.
User Access Management & Account Activity
With a large emphasis on User Access Management (UAM) and account monitoring, the associated reports and user lists are designed to augment and extend the capabilities in this area. Summary Reports can provide audit evidence as well as supplemental evidence to facilitate UAM activities. User Lists were designed off common account groupings (privileged accounts, vendor accounts, business user accounts, IT accounts, etc.) and can easily be integrated with existing periodic reviews through the use of Active Directory Sync.
Executive Summary Reports
Various reports are designed to provide a particular audience with necessary forensic data to analyze and make strategic decisions in the pursuit of Healthcare compliance. With this concept in mind, the ‘Top’ reports assist in prioritizing at-risk items or areas of non-compliance in a summary overview. The approach streamlines the information delivery to those executives that may leverage the data for strategic decisions. These reports are preconfigured to be included within the HSS: Monthly Executive Reporting Package.
Log Requirements
To utilize the summary and detailed reports related to UAM and account monitoring, the organization should look to leverage existing technologies and UAM processes. Access management or provisioning solutions, such as Windows Active Directory, should be included as log sources for this module and respective reports.
‘Top’ executive reports are designed to run against the in-scope HIPAA, HITECH, and Promoting Interoperability environment. With that said the organization should look to leverage past audit results, risk-based assessments, and Governance, Risk, and Control (GRC) resources. These resources help translate the audit’s scope into the functionality of the compliance module.
Knowledge Base Content
Object Type | Name | ID |
|---|---|---|
Report | HSS: Top Attackers | 1599 |
Report | HSS: Top Suspicious Users | 1600 |
Report | HSS: Top Targeted Hosts | 1601 |
Report | HSS: Top Targeted Applications | 1602 |
Report | HSS: Top Hosts Experiencing Errors | 1610 |
Report | HSS: Top Applications Experiencing Errors | 1611 |
Actions
User Lists can be integrated with existing periodic reviews to ensure updates are reflected for more accurate account monitoring and reporting. Audit requests can be addressed through the use of the UAM reports for various user groups (lists). The organization should look to integrate existing UAM and account monitoring activities already in place to further augment related Healthcare compliance control objectives.
The HSS: Monthly Executive Reporting Package comes pre-configured to include six ‘Top’ summary reports, but this reporting package can be customized to include additional forensic data requested by management or executive teams. For more information, see the Healthcare Security Compliance Automation Deployment Guide.
Report Packages
Report packages can be easily created or adjusted by a LogRhythm Admin to provide content for Audit, Executive Management, or other individuals who require output for assessment. Within the Healthcare Security Compliance Automation Suite, there are six reporting packages that can be adjusted according to audit and organizational needs.
To create a new Reporting Package to be used at your discretion:
- In the Client Console, click Deployment Manager on the main toolbar.
- Click the Report Center tab.
- Click the Report Packages tab.
- Within the Select Reports window, select the Healthcare Security Compliance Automation Suite reports to be included in this reporting package, and then click Next.
- On the Override Log Source Criteria page, Click Next (do not override log source criteria).
- Select the frequency and time frame for which the reporting package will be produced.
- Right-click and select New Report Package.
- Choose additional settings according to methods of desired delivery of report outputs, and then click Next.
- Type a name and description of the new Healthcare Security Compliance Automation Suite reporting package, and then click OK to save.