|  |
Configuresoft Delivers Solution to Address HIPAA Technical & Administrative Safeguards
Configuresoft, provider of policy compliance and configuration management technology, announced the Enterprise Configuration Manager/HIPAA (ECM/HIPAA) IT control solution. This solution helps health care organizations map to the 42 HIPAA Security Rules (including all of the Administrative and Technical Safeguards), by continually auditing network activity for policy compliance. The solution addresses patch management, event log collection/archiving and includes compliance templates for managed machines.
"Regulatory requirements are often stated at a level so high that the enterprise really doesn't know what to do to comply," said Scott Crawford, senior analyst at Enterprise Management Associates. "Experience in compliance is needed to know what best practices really are. Many companies claim to implement best practices, but Configuresoft's compliance solutions clearly demonstrate the audit-based experience of its people, down to the level of specific statements of mandates."
"There are slightly more than 90 days left for these organizations to become compliant. Are they ready? The HIPAA regulations specify that health care organizations must conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of their electronic protected health information," said Drew Williams, co-founder of the Center for Policy & Compliance (C&PC) and early contributor to the HIPAA standards. "By focusing on proper internal controls and auditing, health care organizations will not only conduct the required due diligence to comply with the HIPAA regulations, but more importantly, maintain better performance in the long run."
Meeting HIPAA requirements is a combination of implementing policies and executing procedures that require baseline levels of consistent IT auditing and performance that generate reports for review. Configuresoft's Center for Policy & Compliance Team has prepared a comprehensive series of automated checks and controls that correlate with the COSO/COBiT framework, along with best practices as defined by the National Institute of Standards and Technology. This granular level approach includes access control, audit control and automated access change monitoring, which ensures an organization's automated strategy for HIPAA compliance will consistently meet the standards.
"Using Configuresoft's ECM/HIPAA IT control solution, organizations can collect the most detailed critical configuration data from every Windows workstation and server on the network," said Chris Farrow, director of the C&PC. "This comprehensive data collection and auditing capability consolidates that information in a centralized SQL database to a single view for immediate access, analysis and reporting -- which are essential in maintaining compliance."
About Enterprise Configuration Manager
Configuresoft's flagship product, ECM, automates the management of configuration settings for Windows-based servers and clients, and enforces security and IT standards. ECM enables companies and government agencies to prevent security vulnerabilities, minimize downtime, reduce help desk calls and enhance system performance. ECM enforces security policies without human intervention by automatically resetting configurations to their pre-defined standard when they are inadvertently changed. These capabilities help organizations retain their systems' proper configuration, while ensuring IT security compliance with regulatory requirements such as HIPAA, GLBA, SOX and FISMA. 12.01.2005, Configuresoft
Subscribe to the newsletter | | |
| | | |
