Support
 
Support Get Quote
 
 
 
 

HIPAA Compliance Audit Reports

Home » Features » HIPAA Compliance Audit Reports

Achieve HIPAA compliance with EventLog Analyzer

HIPAA Compliance Audit Report

HIPAA mandates the security of a patient's health information from any unauthorized use or access. HIPAA requires that all health care organizations dealing with sensitive patient data must establish a security management process to protect patients' confidential data from attempted unauthorized access, use, disclosure, or interference.

Therefore, IT security administrators must collect and analyze log data across the network and extract meaningful information on data access in the form of reports.

EventLog Analyzer, a comprehensive log management solution, helps IT security admins meet HIPAA requirements by monitoring and auditing access to critical data. This solution identifies and tracks suspicious insider activity as well. It provides out-of-the-box reports with exhaustive information on data access, user activity, user logon and logoff activity, and more. This solution also generates real-time email or SMS alerts that help instantly mitigate any compliance violations.

HIPAA requirements EventLog Analyzer reports
Sec 164.308 (a) (1) (ii) (D)
Object Access
  • Object Accessed
  • Object Created
  • Object Modified
  • Object Deleted
  • Object Handled
ec 164.308 (a) (5) (ii) (C) &
Sec 164. 308 (a) (6) (ii)
Logon and Logoff Monitoring
  • Successful User Logons
  • Successful User Logoffs
  • Logon Failure
  • Unsuccessful User Logons
  • Terminal Service Session
Sec 164.308 (a) (7) (i)
System Events
  • System Logs
  • Audit Logs Cleared
Sec 164.308 (a) (3) (ii) (A) &
Sec (a) (4) (ii) (B)
Account Logon
  • Successful User Account Validation
  • Unsuccessful User Account Validation

Object Access

HIPAA requirements detailed in Sec 164.308 (a) (1) (ii) (D) require monitoring of access to confidential patient health information.

EventLog Analyzer provides detailed, premade reports to:

  • Track access to the given object (file or folder) that has confidential information.
  • Identify the type of operation performed on the object (read, write, delete, or modify).
  • Single out the user who accessed or performed operations on the object.
  • Know whether the operation or access was successful.

This solution also gives detailed information on where the access or operation was attempted from.

Logon and Logoff Monitoring

Successful User Logons and Logoffs: HIPAA requirements 164.308 (a) (5) state that user access to the system be recorded and monitored for possible abuse. This requirement, apart from detecting the security breaches, allows IT security administrators to document access to confidential medical details by legitimate users.

EventLog Analyzer's Successful User Logons and Logoffs report includes detailed information such as the user name, date and time of the logon and logoff events, reason for the logon failure, and more.

Logon Failure: EventLog Analyzer's intuitive graphical reports provide detailed information on the logon failures happening across the network. These reports include details such as:

  • Reason for logon failure (logon failures due to bad password, account lockout, or password expiry).
  • User(s) who attempted to log on.
  • Device(s) from where the logon attempt occurred.
  • Date and time of occurrence.

These details give in-depth visibility into the network access. EventLog Analyzer also allows IT security admins to view the original log message and identify the exact log entry that caused network intrusions.

Unsuccessful User Logons: EventLog Analyzer provides detailed reports on unsuccessful user logon attempts across the network, which help proactively mitigate the breach attempts at the intrusion stage.

Terminal Service Sessions: EventLog Analyzer provides predefined reports that have exhaustive information regarding the connection, reconnection, and disconnection of terminal server sessions, which allows tracking of the device session status.

System Events

System Logs: To ensure complete network security, it is essential for IT security administrators to identify the local system processes such as the system startup, shutdown, or changes to the system time or audit log. EventLog Analyzer provides preconfigured reports for all of the above mentioned system events.

Audit Logs Cleared: HIPAA requirement 164.308 (a) (3) calls for procedures to review records of information system activity such as audit logs regularly.

EventLog Analyzer enables security administrators to meet this requirement by providing audit logs access reports. Apart from this,  the solution helps securely archive audit log data. At any point of time, the audit log data can be loaded back to the database, and forensic analysis can be conducted to identify the root cause of theattempt, if any.

Account Logon

Successful or Unsuccessful User Account Validation: EventLog Analyzer identifies successful and unsuccessful user account logon events, which are generated when a domain user account is authenticated on a domain controller. It also provides detailed information on the user account validation.

HIPAA compliance made simple.

  Download a free trial now!  Request demo
Other features

IT compliance management

Comply with the stringent requirements of regulatory mandates viz., PCI DSS, FISMA, HIPAA, and more with predefined reports & alerts. Customize existing reports or build new reports to meet internal security needs.

SIEM

EventLog Analyzer offers log management, file integrity monitoring, and real-time event correlation capabilities in a single console that help meeting SIEM needs, combat security attacks, and prevent data breaches.

File Integrity Monitoring

Monitor critical changes to confidential files/folders with real-time alerts. Get detailed information such as 'who made the change, what was changed, when and from where' with predefined reports.

Log management

Centrally manage log data from sources across the network. Get predefined reports and real-time alerts that help meeting the security, compliance, and operational needs.

Log collection

Centrally collect log data from Windows servers or workstations, Linux/Unix servers, network devices viz., routers, switches, & firewalls, and applications using agent less or agent based methods.

Log analysis

Perform in-depth forensic analysis to backtrack attacks and identify the root cause of incidents. Save search queries as alert profile to mitigate future threats.

Need Features? Tell Us
If you want to see additional features implemented in EventLog Analyzer, we would love to hear. Click here to continue

EventLog Analyzer Trusted By

Los Alamos National Bank Michigan State University
Panasonic Comcast
Oklahoma State University IBM
Accenture Bank of America
Infosys
Ernst Young

Customer Speaks

  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank
TestimonialsCase Studies

Awards and Recognitions

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
A Single Pane of Glass for Comprehensive Log Management
Log ManagementLog AnalysisIT ComplianceSIEMQuick LinksRelated Products

A Single Pane of Glass for Comprehensive Threat Management

Free Trial Get Quote
Email Download Link