Monitor users’ access to PHI, hospital software, and corporate servers.
A US-based hospital
- Ensure that staff handles patients’ data securely
- Prevent the loss of patients’ sensitive data
- Collect evidence in case of an incident
- Secure data stored on corporate servers
Our customer is a general hospital that needed to establish robust security for patient data in order to meet HIPAA requirements.
It was essential for our customer to monitor how employees handle protected health information (PHI) and work with core hospital applications. They also wanted to keep an eye on privileged users to eliminate the risk of their stealing data, changing cybersecurity settings, or compromising corporate networks.
Another challenge for our customer was to make sure they could retrieve incident-related data in case of a security incident. They required this data to provide relevant reports and evidence according to HIPAA requirements.
And since our customer stores their most sensitive data on servers, they also needed to monitor the actions of users when accessing those servers.
After exploring several user activity monitoring and compliance solutions, our customer tried Ekran System. They appreciated its user-friendly interface, advanced features, and variety of deployment options, so they decided to adopt it.
After deploying Ekran System, our customer successfully achieved HIPAA compliance thanks to PHI data protection and employee monitoring. In particular, they achieved:
- Complete visibility into employees’ actions with patients’ data
- Insights into how users with elevated access rights handle patients’ data
- Immediate detection of potential incidents
- The ability to stop insider threat incidents in real time
- Limited access to sensitive data
- Reports on security incidents that comply with HIPAA requirements
- Proof of users’ malicious actions in the form of employees’ session records
- The ability to prevent unauthorized access to sensitive data on servers and ensure its safety
Additionally, our customer enhanced their data security by leveraging Ekran System’s USB device management functionality. Now, they can monitor and control all connected devices and set rules for blocking the connection of prohibited device types.