HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) passed into law in 1996 to standardize exchange of information between healthcare providers and to ensure patient record confidentiality. These goals are tightly related to information technology. Organizations have been required to demonstrate compliance with HIPAA since 2003.

HIPAA mandates that IT organizations maintain controls that secure all information related to an individual's healthcare, referred to as Electronic Protected Health Information (EPHI). HIPAA specifically states that organizations must employ specific administrative, physical and technical safeguards to protect EPHI.

Tenable Network Security can help organizations demonstrate HIPAA compliance by unifying their security and configuration monitoring into one user-friendly console. To learn specific details about how Unified Security Monitoring maps into HIPAA, please contact our sales team to request the "Real-Time Compliance Monitoring" paper.

Tenable also recommends that large and small health care organizations consider learning more about the Health Information Trust Alliance (HITRUST). This group has established the Common Security Framework (CSF) that can be used by health care organizations to create, access, store and exchange personal health and financial information. Tenable has mapped the features of our Unified Security Monitoring solution to those of the CSF. For more information, please visit the HITRUST Central forum today.