New Tougher HIPAA Rules

Today's Date: Saturday, September 04, 2010
Blue Cross/Blue Shield of North Dakota Selects SenSage's Security Information Management Solution to Meet the Audit Control Requirements of HIPAA
Thursday, May 26, 2005
SAN FRANCISCO, Dec. 3 /PRNewswire/ -- SenSage announced that Noridian, also known as Blue Cross/Blue Shield of North Dakota, has implemented SenSage's comprehensive Security Information Management (SIM) solution to protect patient information in accordance with the mandates of the Health Insurance Portability and Accountability Act (HIPAA).

Like all publicly held healthcare organizations including hospitals, medical groups and insurers, Noridian is subject to the HIPAA audit control requirements. These stringent requirements demand that companies collect, retain, and regularly review all security event data regarding the use of patient health information. After a rigorous evaluation of several solutions, Noridian chose to work with SenSage because of its well-architected solution for comprehensive historical analysis.
ADVERTISEMENT


"Our goal was to automate the collection and analysis of all network access events to our patient health information and store the massive volumes of data online for six months," said Troy Aswege, Assistant Vice President of Information Services for Noridian.

"Of all the vendors we researched, SenSage had the unique ability to capture and store data from all of the sources we needed, and help us quickly identify any anomalies. Using SenSage, we can now better identify security violations that might occur over time, which provides us with both critical insight and a strategic tool for HIPAA compliance."

In developing its HIPAA Analytics solution, SenSage reviewed patient health information security requirements, identified the sources from which an organization should collect data, built the log adapters to retrieve the data, and created pre-formatted audit reports.

Noridian's SenSage implementation collects log from sources as diverse as Peoplesoft, Red Hat, Novell, Websense, Serena, Sun, Bluestar, Thor and others. These logs cover system end user activity and include third party, as well as in-house developed applications. The system processes over 54 different log types and collects over 2 Gigabytes each day.

"While HIPAA specifically requires log analysis, it gives no guidance for implementation. Using SenSage's HIPAA Analytics solution, healthcare companies are provided with tools that enables them to quickly get up and running with a comprehensive solution for meeting the audit control requirements of HIPAA, while also instituting best business practices in security risk management," said Jim Pflaging, President and CEO of SenSage.

http://www.sensage.com .

© 2009, HipaaBulletin.com

Click here to Contact Us