Meet HIPAA Compliance Requirements

Protecting Health Information of US Citizens

Wide-Ranging Health Regulations

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is legislation that addresses a broad range of healthcare areas, including health insurance coverage, national standards, breach notifications, pre-tax spending accounts, group health plans, company-owned life insurance policies.

Security Standards for Electronic Health Records

Title II, known as the Administrative Simplification Provisions, mandates the adoption of Federal privacy protections for individually identifiable private health information (aka PHI, e-PHI, or EPHI). It applies to a wide variety of health industry organizations that transmits any health information in electronic form. It includes provisions that adopt national standards for electronic health care transactions and code sets, unique health identifiers, and security measures.

Monitor Relevant Group Membership

Review and keep secured system access to a minimum with Cygna Auditor's group reports that show membership of secured system users and administrators.

Monitor Relevant Group Membership
Monitor Secured System Permissions

Monitor Secured System Permissions

Keeping group membership current is only half the battle – you must ensure that permissions on secured systems stay correct. Cygna Auditor's permissions reports enable you to be sure access is correct.

Real-Time Notification of Unusual Activity

Cygna Auditor's built-in and custom alerting notifies you of unusual activity such as scripted permission changes, or mass file updates typical of ransomware.

Real-Time Notification of Unusual Activity
Monitor Activity on Secured Systems

Monitor Activity on Secured Systems

Cygna Auditor monitors all successful and failed data activity such as file or folder creation, access, updates, deletions, who made the changes and when they were made.

Examples of Addressed HIPAA Compliance Requirements

Cygna Auditor addresses Administrative Safeguards (164.308), Technical Safeguards (164.312), Policies and procedures and documentation requirements (164.316), and Accounting of disclosures of protected health information (164.528) of the HIPAA Title II Security Rule.

164.308 (a)(1)(i) Security management process
164.308 (a)(1)(ii)(D) Information system activity review
164.308 (a)(3)(ii)(C) Termination procedures
164.308 (a)(4)(ii)(C) Access establishment and modification
164.308 (a)(5)(ii)(C) Log-in monitoring
164.308 (a)(6)(i) Security incident procedures
164.312 (a)(1) Standard: Access control
164.312 (b) Standard: Audit controls
164.312 (d) Person or entity authentication
164.316 (b)(1) (ii) Documentation