Making HIPAA Compliance Audits Easier
HIPAA compliance is a key driver for our healthcare customers in the United States. The main challenges we see with regard to HIPAA compliance revolve around inappropriate access to protected health information (PHI), unprotected patient information and a lack of appropriate mechanisms for detecting threats. LepideAuditor contains pre-set reports mapped specifically to HIPAA requirements that offer instant answers to compliance queries. These include "who has been added to a security group", "which user accounts have expired", "who attempted to change or reset a password", "who changed the permissions on a file or folder", "who changed the out-of-hours (logon hours) settings in Active Directory", and many more.
Safeguard Patient Information Held in Unstructured Data
Imagine a user creates some sensitive financial or patient information and saves it to a file share. The file is then copied, renamed, and its permissions are changed. Before you know it, the data is practically public. This scenario is all too common and, unless you have the right auditing tools, practically impossible to spot. To help with this, LepideAuditor keeps a complete audit trail of all interactions with files and folders. Threshold alerts can be configured to notify you when files or folders are accessed, copied, modified, renamed or deleted, among other events.
Audit the Other Platforms Storing Your Data
Almost every organization in the healthcare industry uses third-party software applications for daily activities, and these applications store health information in database systems, most commonly SQL Server. Large amounts of patient and customer data are also stored on Windows File Servers, NetApp Filers, SharePoint Server, SharePoint Online (Office 365), OneDrive for Business and Dropbox. Exchange Server and Exchange Online (Office 365) act as the backbone of communications in most healthcare organizations across the world. LepideAuditor continuously monitors and records all configuration changes made to these platforms, as well as to Windows Active Directory, Azure AD and Group Policy. All permission changes across these platforms are also tracked and reported.
Keep Track of Inactive Users
Keeping your Active Directory clean is critical, especially in the healthcare sector, where there is often a high volume of user accounts. Ensuring that you grant access only to those who need it, when they need it, is essential. To help prevent the potential abuse of stale accounts, and to maintain HIPAA or PCI compliance, LepideAuditor offers a simple means of checking your Active Directory for inactive users and allows you to delete, rename or disable inactive user accounts automatically.
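The check described above, as an added example that is not part of the original page or of the LepideAuditor product: a stale-account classifier working from the attributes a directory export would give you. The account records, the 90-day threshold and the `svc_backup` exclusion are constructed for illustration. It handles two details a practitioner wants right: `lastLogonTimestamp` is a FILETIME (100 ns ticks since 1601-01-01 UTC) whose replicated value can lag real activity by up to 14 days (the default `msDS-LogonTimeSyncInterval`), so the cutoff is padded by that slack; and a value of 0 means the account has never logged on, so it is judged by its creation date instead of being flagged outright.

```python
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
# lastLogonTimestamp is only written back when the stored value is older than
# msDS-LogonTimeSyncInterval (default 14 days), so it can understate activity
# by up to that much. Pad the cutoff so a recently active user is never flagged.
REPLICATION_SLACK = timedelta(days=14)


def filetime_to_datetime(ft):
    """Convert an AD FILETIME (100 ns ticks since 1601-01-01 UTC). 0 means 'never logged on'."""
    if ft == 0:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)


def datetime_to_filetime(dt):
    """Inverse of filetime_to_datetime; used here only to build constructed sample data."""
    return ((dt - FILETIME_EPOCH) // timedelta(microseconds=1)) * 10


def find_inactive(accounts, now, inactive_days=90, exclude=()):
    """Return [(sAMAccountName, reason)] for enabled accounts that look unused.

    accounts: iterable of dicts with sAMAccountName, enabled, lastLogonTimestamp
    (FILETIME int) and whenCreated (aware datetime), as a directory export would provide.
    """
    cutoff = now - timedelta(days=inactive_days) - REPLICATION_SLACK
    flagged = []
    for acct in accounts:
        name = acct["sAMAccountName"]
        if not acct["enabled"] or name in exclude:
            continue  # already disabled, or a known service/break-glass account
        last = filetime_to_datetime(acct["lastLogonTimestamp"])
        if last is None:
            # Never logged on: a brand-new hire is fine, an old unused account is not.
            if acct["whenCreated"] < cutoff:
                flagged.append((name, "never logged on"))
        elif last < cutoff:
            flagged.append((name, f"last logon {last.date()}"))
    return flagged


def remediation_commands(flagged):
    """Disable (never delete first) so the change is reversible if a user turns out to be on leave."""
    return [f"Disable-ADAccount -Identity {name}" for name, _ in flagged]


# Constructed sample export (hypothetical accounts, not real directory data).
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)


def _acct(name, enabled, last_logon_days_ago, created_days_ago):
    return {
        "sAMAccountName": name,
        "enabled": enabled,
        "lastLogonTimestamp": 0 if last_logon_days_ago is None
        else datetime_to_filetime(NOW - timedelta(days=last_logon_days_ago)),
        "whenCreated": NOW - timedelta(days=created_days_ago),
    }


SAMPLE_ACCOUNTS = [
    _acct("alice", True, 10, 800),        # active clinician
    _acct("bob", True, 200, 800),         # left six months ago, never disabled
    _acct("svc_backup", True, 200, 800),  # service account; excluded by policy
    _acct("newhire", True, None, 5),      # created last week, not logged on yet
    _acct("ghost", True, None, 400),      # created a year ago, never used
    _acct("olduser", False, 300, 800),    # already disabled
]

if __name__ == "__main__":
    results = find_inactive(SAMPLE_ACCOUNTS, NOW, exclude={"svc_backup"})
    for name, reason in results:
        print(f"{name}: {reason}")
    print("\n".join(remediation_commands(results)))
```

Run against a real export, the same logic applies; the only production change is replacing `SAMPLE_ACCOUNTS` with records pulled from the directory and reviewing the exclusion list before disabling anything.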
Ensure the Policy of Least Privilege Over Financial and Patient Data
Health, financial and personal data of both patients and customers is stored in files and folders on the file server. One of the key pillars of any information security strategy is ensuring appropriate access rights to the files and folders containing such critical data. LepideAuditor offers the ability to create reports showing file access trends to help identify stale or unused data. It also allows you to take a file share and create a dynamic report showing exactly who can access the data and which permissions were granted. Historical permission analysis, along with permission comparison reports, allows you to check how frequently permissions have changed. LepideAuditor also monitors permission changes across multiple components and lets you maintain least privilege by easily reverting unwanted permission changes.
Track User Activities Related to PHI
More and more of the attacks we have seen within the healthcare sector involve compromised user accounts being used to gain access to patient records. Users with elevated privileges are the most valuable and most targeted accounts for attackers, so they need to be watched closely. More specifically, we have seen many instances of third parties, contractors and collaboration partners with privileged access being compromised, leaving healthcare organizations wide open to attack. LepideAuditor ensures you have an audit trail of every change or action made by your privileged user accounts, giving you confidence that they are not compromised or being abused. You can also receive real-time alerts, with configurable thresholds, when an abnormal number of potentially critical changes or events is attributed to a specific user account.
Monitor User Logon to Prevent Disruption of Services
The ability to spot anomalous logon and logoff activity is essential when trying to detect security threats. LepideAuditor provides threshold alerts to give you complete visibility over logon and logoff trends so that you can spot issues before they become a problem. We also provide a search and interrogation feature that lets you dig into the specific actions and activities of user accounts in Active Directory, so you know every action taken by a specific user.
Spot, React to and Prevent Ransomware Attacks
Ransomware attacks are prevalent in healthcare organizations all over the world, with the NHS in the UK being hit particularly hard in recent years. While LepideAuditor cannot prevent the initial infection, many of our healthcare clients were able to identify the symptoms and automate their response to the spread. Using LepideAuditor, you can identify specific trends around file access attempts and file or folder modifications, and then automate the execution of a user-defined script when a threshold is crossed. In some instances, our healthcare clients used LepideAuditor to stop services, activate a firewall setting or even shut down the affected server.
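The two detections described above, per-account threshold alerts on an abnormal number of changes and the burst of file modifications that marks ransomware encrypting a share, reduce to the same sliding-window count. The following is an added example and not LepideAuditor code: the audit events (two users, one doing routine edits and one renaming 30 files in 30 seconds), the 20-changes-per-60-seconds threshold and the `quarantine` response hook are all constructed for illustration. Reads are deliberately not counted, so a clinician opening many records does not trip the alert, and the hook is invoked at most once per user so a runaway script does not fire on every subsequent event.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Actions that change data. Reads are excluded: bulk reading is normal, bulk rewriting is not.
CHANGE_ACTIONS = {"WRITE", "RENAME", "DELETE"}
DEFAULT_WINDOW = timedelta(seconds=60)
DEFAULT_THRESHOLD = 20  # changes by one account inside the window


def detect_burst_changes(events, threshold=DEFAULT_THRESHOLD, window=DEFAULT_WINDOW, respond=None):
    """Sliding-window threshold alert per user.

    events: iterable of (timestamp, user, action, path) tuples, any order.
    Returns a list of alert dicts; calls respond(alert) once per offending user.
    """
    recent = defaultdict(deque)  # user -> deque of (ts, path) within the window
    alerted = set()
    alerts = []
    for ts, user, action, path in sorted(events):
        if action not in CHANGE_ACTIONS:
            continue
        q = recent[user]
        q.append((ts, path))
        while q and ts - q[0][0] > window:   # drop events that fell out of the window
            q.popleft()
        if len(q) >= threshold and user not in alerted:
            alerted.add(user)
            alert = {
                "user": user,
                "at": ts,
                "changes": len(q),
                "files": len({p for _, p in q}),  # many distinct files = encryption, not one busy document
            }
            alerts.append(alert)
            if respond is not None:
                respond(alert)
    return alerts


def quarantine(alert, actions):
    """Stand-in for the user-defined response script (hypothetical actions, recorded rather than run)."""
    actions.append(f"disable account {alert['user']}")
    actions.append("stop file sharing service on fs01")


def build_sample_events():
    """Constructed audit trail for the demo; not real product output or real hostnames."""
    base = datetime(2024, 6, 1, 9, 0, 0)
    events = []
    # jsmith: five edits over ten minutes, normal clinical work
    for i in range(5):
        events.append((base + timedelta(minutes=2 * i), "jsmith", "WRITE", f"\\\\fs01\\patients\\note{i}.docx"))
    # jsmith also opens a lot of records; reads must not count toward the threshold
    for i in range(40):
        events.append((base + timedelta(minutes=3, seconds=i), "jsmith", "READ", f"\\\\fs01\\patients\\chart{i}.pdf"))
    # rhood: 30 renames in 30 seconds, the footprint of files being encrypted in place
    for i in range(30):
        events.append((base + timedelta(minutes=5, seconds=i), "rhood", "RENAME", f"\\\\fs01\\patients\\record{i}.pdf"))
    return events


if __name__ == "__main__":
    taken = []
    for a in detect_burst_changes(build_sample_events(), respond=lambda al: quarantine(al, taken)):
        print(f"ALERT {a['at']:%H:%M:%S} {a['user']}: {a['changes']} changes to {a['files']} files")
    print("response actions:", taken)
```

Tune `threshold` and `window` against a week of your own audit trail before wiring a real response to the hook; the same code with a 10-second window would miss the constructed burst, which is the point of checking both knobs against known-good traffic.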