Review of Information System Activity § 164.308(1) (ii) (D)
Implementation of procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident reports
Protection from Malicious Software § 164.308(a)(5)(ii)(B)
Calls for procedures for guarding against, detecting and reporting on malicious software
Log-in Monitoring § 164.308(a)(5)(ii)(C)
Monitoring log-in attempts and reporting discrepancies
Security Incident Procedures §164.308(a)(6)(ii)
Implementation of methods to identify and respond to suspected or known security incidents; mitigate to the extent practicable
Audit Controls § 164.312(b)
Implementation of hardware, software and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI
Integrity & Authentication of ePHI § 164.312(c)(1) and (2)
Electronic measures to corroborate that ePHI has not been altered or destroyed in an unauthorized or improper manner
Person or Entry Authentication § 164.312(d)
Procedures to verify that a person or entity seeking access to ePHI is the claimed.
In order to successfully meet the above requirements, HIPAA specifically calls out event logs as an important vehicle to meet compliance and requires CEs to collect, analyze, preserve, alert and report on system and application security event logs generated by all relevant systems.
In fact, many other regulatory mandates and best-practice processes also recommend regularly reviewing log data in order to achieve complete network transparency and diagnose potential security problems. Apart from helping with compliance, this also benefits healthcare organizations by providing patients with the confidence that their most sensitive data is secure and protected from misuse.
Can this be achieved without an automated log management solution in place? The answer to that is ‘possibly’, but especially at the larger CEs, at a considerable risk of information breach and audit failure.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.