HIPAA Compliance Reports

Simplify HIPAA Compliance with the AWN CyberSOC™ Service

AWN CyberSOC™ Service
  • Best managed threat detection and response
  • Dedicated security expertise for your IT team
  • 24/7 monitoring with unlimited log sources
  • Simplifies HIPAA compliance with customized reporting
  • Monitors access to electronic patient health information (ePHI) data on premises and in the cloud
  • Provides real-time alerts on unauthorized access of ePHI data
Today, medical professionals access electronic patient health information (ePHI) from anywhere they have an internet connection via laptops, tablets or smartphones. Physicians and healthcare insurers monitor biometric data through wearable devices worn by patients in remote sites. At the same time all this happens, hackers spare no effort in stealing ePHI data for financial gain.

The U.S. Department of Health and Human Services ( created the Health Insurance Portability and Accountability Act (HIPAA) in 1996 to protect the confidentiality and integrity of ePHI data. The Health Information Technology for Economic and Clinical Health Act (HITECH) in 2009 imposed mandatory audits and fines for non-compliance.

Arctic Wolf’s security operations center (SOC)-as-a-service enables organizations, such as nursing homes and hospitals, to meet HIPAA compliance requirements using the industry-leading, cloud-based AWN CyberSOC service. Arctic Wolf simplifies compliance, customizing reports to meet your business needs with the help of our dedicated Concierge Security™ team (CST) assigned to your account.

HIPAA Compliance Requirements

Electronic patient health information and electronic medical records can be stored in a variety of repositories, such as file servers, databases, access logs and other types of unstructured and structured data repositories. Safeguarding access and transmission of ePHI data in a manner compliant with HIPAA requires diligent administration and close cooperation between IT teams and the many business units that need access to the data.

Finding the right balance between the tasks supported by your IT organization and the checks that can be automated through Arctic Wolf’s SOC-as-a-service enables you to streamline HIPAA compliance and reduce overall costs.

The primary requirements of HIPAA Are:

Section Section Requirement:

Sec. 164.308(a)(1)

Security Management Process

Sec. 164.308(a)(3)

Workforce Security

Sec. 164.308(a)(4)

Information Access Management

Sec. 164.308(a)(5)

Log-in Monitoring and Password Management

Sec. 164.308(a)(6)

Security Incident Procedures

Sec. 164.308(a)(7)

Disaster Recovery Plan

Sec. 164.310(c)

Workstation Security

Sec. 164.312(a)(1)

Access Control

Sec. 164.312(b)

Audit Control

Sec. 164.316(b)

Standard Documentation Requirements

For more information on HIPAA, go to US Department of Health and Human Services website.

Arctic Wolf Compliance Solution for HIPAA

Arctic Wolf’s AWN CyberSOC™ service monitors all activity in on-premises IT infrastructure and cloud applications using physical/virtual AWN sensors. AWN CyberSOC continuously monitors network flows and ingests log records from an unlimited number of log sources, and uses human-augmented machine learning to accurately detect and respond to advanced attacks.

Arctic Wolf’s Concierge Security™ team dedicated to each customer account augments your IT-staff’s security expertise, hunts down advanced zero-day attacks, identifies HIPAA violations, and provides customized compliance reports to meet your HIPAA requirements. The table below shows how the AWN CyberSOC enables you to address each of the 10 HIPAA requirements.

  Requirement Arctic Wolf Solution

Sec. 164.308(a)(1):
Security Management

Implement policies and procedures to prevent, detect, contain and correct
security violations

Arctic Wolf monitors end-user and administrative access and configuration changes to all systems that create, receive, maintain and transmit ePHI data

Sec. 164.308(a)(3):
Workforce Security

Implement policies and procedures to ensure that all members of its workforce have appropriate access to ePHI and prevent people who do not have access to ePHI from obtaining access

Arctic Wolf monitors activities of active and inactive user accounts, and escalates de-provisioning of inactive accounts through manual/automated means, which enables development/enhancement of the required policies and procedures

Sec. 164.308(a)(4):
Information Access

Implement policies and procedures for authorizing access to ePHI data that are consistent with applicable requirements

Arctic Wolf audits changes to Active Directory (AD), Group Policies, Exchange and file servers, and flags unauthorized actions, which enables development/enhancement of the required policies and procedures

Sec. 164.308(a)(5):
Log-in Monitoring and Password Management

Institute procedures for monitoring log-in attempts, reporting discrepancies, and monitoring password changes

Arctic Wolf monitors failed/successful logins/logoffs and all password changes to prevent excessive help desk calls

Sec. 164.308(a)(6):
Security Incident Procedures

Implement policies and procedures to address security incidents

Arctic Wolf investigates all attack vectors (e.g. phishing, ransomware, etc.), and generates security incidents to initiate response actions, which enables development/enhancement of the required policies and procedures

Sec. 164.308(a)(7):
Disaster Recovery Plan

Establish policies and procedures for responding to an emergency or other occurance

Arctic Wolf audits changes including before/after values for immediate data recovery, quick rollback of unauthorized and accidental changes to Active Directory and anomalous login activity

Sec. 164.310(c):
Workstation Security

Implement physical safeguards for all workstations that access ePHI data to restrict access to authorized users

Arctic Wolf scans endpoints for unpatched vulnerabilities, and collects logs from endpoint security solutions when unauthorized access or advanced malware is detected

Sec. 164.312(a)(1):
Access Control

Implement technical policies and procedures for electronic information systems that maintain ePHI data to allow access only to authorized persons or software programs

Arctic Wolf collects relevant data from access control systems and AD, monitoring endpoint activity and file access; escalates unauthorized access via security incident alerts

Sec. 164.312(b):
Audit Control

Implement hardware, software, and/or procedural mechanisms that record and examine activity in endpoints that contain ePHI data

Arctic Wolf monitors and reports user logins/logouts in AD, all user activity on endpoints, and continuously monitors network traffic to detect anomalous activity

Sec. 164.316(b):
Standard Documentation

Maintain policies and procedures implemented to comply with documentation requirements

Arctic Wolf provides reports for account creations and deletions, data retention policies, admin lockouts, configuration changes; these reports include information on who, what, where and when these changes were made

Request a Demo