Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic & Clinical Health Act (HITECH)

NNT Change Tracker™ Gen7 R2 for HIPAA: Non-Stop HIPAA Compliance
As with other security standards, NNT Change Tracker Enterprise provides a keystone for any cyber defense strategy. Device Hardening and Vulnerability Management is at the core, but with critical operational processes such as Change Management comprehensively covered alongside Host Intrusion Detection capabilities, Change Tracker offers an easy to use but fully featured security and compliance solution.

'Out of the Box' HIPAA compliance reports are provided, based on both CIS and NIST 800-53 recommendations. These hardened build standards can then be tailored to your specific healthcare and ePHI systems to ensure access rights and audit trails are provisioned correctly.

Best of all, NNT Change Tracker monitors for compliance continuously to ensure that if any drift from your secure configuration occurs, you can address it immediately before any damage is done. And because no system can ever be guaranteed to be 100% secure, Change Tracker provides a non-stop, real-time file integrity monitoring (FIM) function acting as a hypersensitive, forensic-level host intrusion detection system (HIDS).

With compensation awards for HIPAA breaches at an all-time high, make sure that your systems are secure at all times by using NNT Change Tracker.

How to meet HIPAA compliance and achieve a Cyber Resilient State with NNT
Download the HIPAA Solution brief

HIPAA

EXCLUSIVE: Cybersecurity Threats in US Healthcare Systems Exposed
NNT's Global Vice President, Dirk Schrader, recently discovered more than 2 petabytes of unprotected medical data found on picture archiving and communication systems (PACS) servers, resulting in 13 million medical examinations relating to around 3.5 million U.S. patients exposed, unprotected, and available to anyone on the internet. Watch this video to learn more.

HIPAA - HITECH Background

Electronic Personal Health Information (PHI) records are at risk of theft or exposure just like any other data stored in computer systems. HIPAA and the subsequent HITECH act mandate the responsibility to protect the confidentiality of health information.

Each time access is provided to healthcare records, the potential for loss of privacy or integrity increases. The HIPAA Privacy Rule clarifies the rights of the individual with respect to controlling access, integrity and confidentiality of their health information and the 2013 HIPAA Omnibus rules made it clear that sub-contractors and associated business partners were equally accountable to HIPAA standards of governance.

In other words, the burden of HIPAA compliance now applies to everyone – if your organization is responsible for a breach of patient privacy, expect to feel the full weight of a HIPAA lawsuit.

CIS Releases New Resources to Further Reduce Cyber Security Risk to Healthcare Systems
These consensus-based security recommendations may help medical device manufacturers and healthcare providers assess and mitigate cyber vulnerabilities. These mappings provide a detailed matrix aligning security configuration recommendations provided in the CIS Microsoft Windows 7 Benchmark v2.1.0 and Windows XP Benchmark v3.1.0 to the Security Capabilities included in a Technical Report (IEC/TR 80001-2-2) within International Electrotechnical Commission (IEC) 80001-1, a global standard for performing risk management of IT networks that include medical devices. NNT Change Tracker now delivers a fully automated assessment against these checklists and performs continuous compliance monitoring with real-time breach detection to maintain 24/7 security.

HIPAA Key Points

Did you know? In December of 2011, DHS named the State Dept. CISO as the director of the National Cybersecurity Division, with the mandate to bring about the same type and level of risk reduction across the government and the critical infrastructure as he had led at the State Department. Prior to this appointment, in 2009, the U.S. Department of State validated the consensus controls by determining whether the controls covered the 3,085 attacks it had experienced in FY 2009. In a presentation to the Intelligence Community, the State Department CISO reported remarkable alignment of the CIS consensus controls and the State Department actual attacks. He also launched a program to implement automated capabilities to enforce the key controls and provide daily mitigation status information to every system administrator across 24 time zones in which the State Department operates. With a very rapid achievement of a more than 88% reduction in vulnerability-based risk across 85,000 systems, the State Department's program became a model for large government and private sector organizations.

Additional HIPAA and HITECH Resources
Next Steps

Are you ready to get started in securing your IT environment with
industry-approved foundational controls, intelligent change control and automation?

The Most Powerful & Reliable Cybersecurity Products
Contact Us

USA Offices

New Net Technologies LLC
4850 Tamiami Trail, Suite 301
Naples, Florida, 34103

New Net Technologies LLC
1175 Peachtree St NE
Atlanta, Georgia, 30361.

Tel: (844) 898-8358
[email protected]

 

UK Office

New Net Technologies Ltd
The Russell Building, West Common
Harpenden, Hertfordshire
AL5 2JQ

Tel: 020 3917 4995
 [email protected]

SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Sans Institute Now Certified IBM Security
Copyright 2021, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.