Free TrialThe Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) mandate the standards companies need to follow to protect and maintain the confidentiality of personally identifiable health care information. An added benefit of compliance with HIPAA and HITECH, which is mandatory for all entities that transmit healthcare information, is that it allows you to proactively dodge both external threats and insider privilege abuse.
DataSecurity Plus has extensive reports to help you meet HIPAA and HITECH's data security standards. With these reports, you can draw meaningful insights on accesses, modifications, and permissions of critical files to help mitigate insider threats.
Below is a list of reports you can use to prove that your organization is compliant.
| HIPAA/HITECH standards | DataSecurity Plus report or alert |
| Monitor all modifications to protected health information (PHI) across file servers to detect and resolve violations, if any | All file/folder changes report |
| Deleted/overwritten files report | |
| Security permission changes report | |
| Most modified file report | |
| Create events report | |
| Renamed/moved events report | |
| File modified after N days report | |
| Audit and report all data accesses to PHI to ensure that no unauthorized changes are taking place. | All failed attempts report |
| Read events report | |
| Most accessed file report | |
| Most accesses by processes/user report | |
| File accessed after N days report | |
| Track and monitor all changes to access rights and file server permissions to identify anomalies. | NTFS permissions report |
| Share permissions report | |
| Utilize customizable, built-in capabilities for alerts to regularly audit file/folder-related activities. | File/folder moved or renamed alert |
| File/folder security changes alert | |
| File/folder removed alert | |
| Media files alert | |
| Detect and respond to mass access with customizable, automated responses. | Ransomware file alert |
| Threshold-based alert |
* Using this HIPAA compliance tool you can also generate customized reports based on file path, users, business hours, etc.
 |
Audit and analyze file and folder access |
 |
Analyze files and disk space |
|
| The Access Audit report provides detailed information on the quintessential Four W's—who accessed what, when, and from where. This will help you keep track of all accesses and changes. The Access Analysis report provides a summary view of accesses and changes, which can help you detect access trends. | The File Analysis report helps isolate files that are old, unused, unmodified, large, hidden, or non-business; making data cleanup easier. The Disk Analysis report provides visual insight into disk space usage and trends, facilitating optimization of disk space; it also reveals properties of files and folders. | |||
 |
Actively respond to security breaches |
 |
Audit access rights |
|
| Detect security breaches as and when they occur with alerts that get emailed instantly. Define threshold limits for mass access events such as malware attacks. | Examine share and security permissions of files and folders and prevent access exploitation. | |||
 |
Minimize incident response times |
|||
| Become proactive with real-time file and folder access and change auditing. Continuously monitor and get notified about critical activities. | ||||
Disclaimer: Fully complying with the HIPAA requires a variety of solutions, processes, people, and technologies. This page is provided for informational purpose only and should not be considered as legal advice for HIPAA compliance. ManageEngine makes no warranties, express, implied, or statutory, as to the information in this material.
