HIPAA Compliance for IT with Tripwire: Securing Personal Health Information
The Health Insurance Portability and Accountability Act (HIPAA) was implemented to protect the confidentiality and integrity of electronic personal health information. Being HIPAA IT compliant means virtual and physical configurations — from networks and servers to virtual machines and security infrastructure-must be maintained and assessed against HIPAA policies, and proven in the event of an audit.
The Tripwire solution for HIPAA IT Compliance incorporates best practices for high integrity systems management. A covered entity using Tripwire to meet the requirements of HIPAA creates a system that reduces the time spent fighting fires caused by poor network and data security practices, and enhances the data security of electronic personal health information (ePHI).
Tripwire delivers a comprehensive solution by:
- Allowing you to meet the core intent of HIPAA's integrity controls with file integrity monitoring. Tripwire can be tuned and managed to meet changes in your HIPAA IT compliance environment.
- Addressing each of the requirements in the Security Rules associated with Part 164, Subpart C, Section 164.312 of Title II of the HIPAA.
- Assuring that change is measured and controlled and compliance status is always known.
- Automating the repair of configurations that intentionally or accidentally fall from secure and compliant states.
- Managing policy compliance for HIPAA as well as a variety of security frameworks such as ISO 27001, COBIT and NIST.