The Health Insurance Portability and Accountability Act (HIPAA) addresses the security of private patient healthcare data. Failure to abide by HIPAA regulations can lead to higher business costs, civil monetary penalties and negative media exposure.
Today’s IAM frameworks don’t detect or secure the privileged, “super-user” accounts that hold elevated permission to access electronic patient records, run programs, and change configuration settings on servers, workstations, applications and network appliances.
Enterprise Random Password Manager (ERPM) helps healthcare providers comply with regulatory mandates by safeguarding privileged accounts, and providing the auditing and control necessary to address key HIPAA requirements:
|45§164.308(1)(D) Implement audit logs, access reports, and security incident tracking reports.|
|45§164.308(3)(i) Prevent unauthorized members from obtaining access.|
|45§164.308(3)(B) Implement procedures to determine that the access of a workforce member to electronic protected health information is appropriate.|
|45§164.308(3)(C) Implement procedures for terminating access to electronic protected health information when the employment of a workforce member ends.|
|45§164.308(5)(C) Implement procedures for monitoring log-in attempts and reporting discrepancies.|
|45§164.308(5)(D) Implement procedures for creating, changing, and safeguarding passwords.|
|45§164.312(a)(1) Allow access only to those persons or software programs that have been granted access rights.|
|45§164.312(2)(i) Assign a unique name and/or number for identifying and tracking user identity.|
|45§164.312(2)(b) Implement mechanisms that record and examine activity in information systems that contain or use electronic protected health information.|
ERPM hardens and auto-propagates secured privileged login credentials wherever they may reside and provides a reliable audit trail to document the requesters, systems and accounts, timeframes, and purpose of each access request.
Download the datasheet to learn more.