Netwrix Corporation, 2016 ‘ASTORS’ Homeland Security Awards Platinum Award Winner for Best Cyber Auditing & Compliance Solution, provides a visibility platform for data security and risk mitigation.
Netwrix enables healthcare organizations to proactively detect and remediate internal and external cyber threats, and announced today that Henry County Hospital has enhanced control of privileged user activity and streamlined its HIPAA compliance by leveraging the user activity monitoring provided by Netwrix Auditor.
Henry County Hospital in Napoleon, Ohio, US, is a charitable, not-for-profit community hospital that offers a wide range of primary, acute and rehabilitative services to the residents of Henry County and surrounding areas.
Because it collects and uses protected health information (PHI), Henry County Hospital has to undergo a HIPAA compliance risk assessment every year. To comply with HIPAA’s rigorous requirements and avoid heavy fines for non-compliance, the hospital needed visibility into the activity of privileged users.
The IT team looked for a solution that could monitor user activity across Active Directory, Group Policy and Windows file servers.
They opted for Netwrix Auditor because it supports all required systems and enables video recording of user activity as an additional security layer.
(See how Netwrix Auditor provides the evidence required to prove that the your organization’s IT security program adheres to PCI DSS, HIPAA, SOX, GLBA, FISMA/NIST800-53, ISO/IEC 27001 and other standards. Courtesy of Netwrix and YouTube)
Using the product, the team achieved the following results:
Increased accountability of privileged users
- Daily reports and alerts on changes, especially to the Domain Admins group, along with the video recording capability, enable the hospital’s IT team to keep tabs on privileged users’ activity and ensure there are no internal threats putting data at risk, as required by HIPAA.
Complete control over file access permissions
- Netwrix Auditor enabled the IT team to detect excessive user permissions and rebuild the file server permissions structure from the ground up.
- This ensures that sensitive data is accessed only on a need-to-know basis, reducing the risk of accidental or deliberate misuse.
Time and cost savings on audit preparation
- Automated monitoring and out-of-the-box HIPAA compliance reports simplify internal processes for preparing for audits, and enable the hospital to readily prove compliance and address auditors’ questions in a timely manner.
- In fact, the solution eliminated the need to assign a full-time employee to manually monitor user activity, saving the hospital at least $40,000 per year.
“There are so many external and internal threats that you have to be proactive or you are just setting yourself up to be compromised,” said Geoffrey Robinson, Server/Storage Administrator at Henry County Hospital.
“Netwrix Auditor helped us to monitor everything from privileged user activity across file shares to Active Directory and Group Policy changes that are so hard to track.”
“Basically, the product does everything for you without a lot of manual work and cuts off almost 100% of your time from an auditing perspective.”
“To avoid large non-compliance fines and reputational damage, healthcare providers should regularly demonstrate to auditors that patient data is secure,” said Michael Fimin, CEO and co-founder of Netwrix.
“Complete visibility into what is going on in the IT infrastructure simplifies managing security risks and helps IT teams demonstrate the efficacy of existing security controls, which results in faster, less painful checks and improved grades with regulators.”
Netwrix Auditor is a visibility platform for data security and risk mitigation that enables healthcare organizations to gain control over what’s going on in the most critical areas of their IT infrastructures, ensure data integrity and reduce compliance audit preparation time.
To read the complete case study, please visit: www.netwrix.com/go/henry_county_hospital
Netwrix Corporation was the first vendor to introduce a visibility and governance platform for hybrid cloud security.
More than 160,000 IT departments worldwide rely on Netwrix to detect insider threats on premises and in the cloud, pass compliance audits with less effort and expense, and increase productivity of IT security and operations teams.