Using LepideAuditorTM for HIPAA Compliance

Often organizations struggle to understand the requirements of this compliance and find it difficult to meet the Privacy Rule and the Security Rule depicted in HIPAA. Both of these rules are focused on the protection of health information during its storage and transmission. IT auditing is one of the best methods for ensuring the security of electronic data. Native audit methods have numerous drawbacks that LepideAuditor can help you overcome.

Audit permission changes for data protection

Audit Permissions to Access Health Data

When permissions change, it can occasionally lead to unauthorized access to protected data, which could potentially result in data leakage. LepideAuditor continuously audits the changes in permissions of Active Directory, Exchange Server, SharePoint, SQL Server, Windows File Server and NetApp Filers. You can compare the permissions of an Active Directory object between two intervals.

Monitor users’ activities who have access to health records

Monitor Users of Health Information

HIPAA requires that any user with access to electronic health information needs to be monitored. LepideAuditor monitors the activities of all users and all configuration changes made when it comes to critical health information from. These changes are displayed in predefined reports that are easy to draw real information. You can set real-time alerts for critical changes, which can be sent as emails to intended recipients and as push notifications to the LepideAuditor App.

Audit changes to made to computers having health records

Audit Computers Storing Health Information

LepideAuditor audits all modifications made to computer objects in Active Directory. It keeps track of which users have permissions to access such computers and captures the logon/logoff events for future reference. LepideAuditor also audits changes to the network access policies of computers so as to keep a check on whether or not the computer can connect to an outside network. Modifications in user logon hours are also audited.

Track changes to group membership

Monitoring Group Memberships

Usually, permissions are assigned to users through groups. A sudden change in a group membership can therefore be potentially dangerous, as it can result in unnecessary or inappropriate levels of privilege being awarded to an employee that doesn’t require them. LepideAuditor enables you to keep track of groups and makes sure you are informed of every change made to memberships or properties in real time.

Lepide® is a registered trademark of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All trademarks acknowledged.