The final ruling on compliance requires all entities subject to HIPAA standards “to periodically conduct an evaluation of their security safeguards to demonstrate and document their compliance with the entity’s security policy and the requirements of this subpart.” In terms of evaluation frequency, the regulations state that: “covered entities must assess the need for a new evaluation based on changes to their security environment since their last evaluation, for example,new technology adopted or responses to newly recognized risks to the security of their information.” HIPAA regulations also point out: “it is important to recognize that security is not a product, but is an ongoing, dynamic process.” eEye’s Retina Enterprise or family of solutions automates and fulfills these process-oriented safeguard requirements for entities of all sizes.HIPAA Service
It is important to recognize the significance of the word “process” from the HIPAA regulations as it pertains to security within an organization. A computer security audit is a systematic, measurable technical assessment of how the entity’s security policy is employed. Security audits do not take place in a vacuum and are part of the on-going methodology of defining, maintaining and improving effective security throughout the organization. Following an established vulnerability assessment and remediation process is a proven approach to attaining HIPAA network security compliance.
Phase 1: Discovery & Auditing In order for organizations to assess their networks, it is important to understand the digital assets that make up the network. The first step in the vulnerability assessment and remediation process is asset identification. Though elementary, the Discovery Phase is an important first step in understanding the devices on a network. Retina quickly identifies and maps all of these elements in a centralized database.
Unquestionably, the most critical phase in the entire vulnerability and remediation process involves properly auditing an entire network for vulnerabilities. Retina is recognized as the leader in terms of its comprehensive auditing capabilities and unparalleled speed, accuracy and ease of use. With thousands of Retina scanners deployed worldwide, Retina has become the industry’s most effective security auditing product.