Compliance Guides

HIPAA Compliance with Threat Stack

Issue link: https://resources.threatstack.com/i/871262

Contents of this Issue

Navigation

Page 1 of 1

CONTINUOUS MONITORING Threat Stack ensures that you're never le in the dark when it comes to knowing what's happening in your network. Our pla orm provides you with the instruments you need to effec vely maintain a healthy security posture in the cloud. Specifically, Threat Stack: • Monitors for suspicious filesystem, account and configura on ac vity. • Provides granular insight into security configura ons and control effec veness. • Allows you to iden fy and report on areas of risk to data and configura ons. ALERTING Our pla orm monitors and records all the ac vity happening in your cloud and sounds the alarm if suspicious behavior is detected. Get no fied instantly if anomalous behavior indica ng unauthorized access to PHI occurs so you can respond immediately. Specifically, Threat Stack will alert you on: • Changes in data, configura ons and login ac vi es that are indicators of compromise. • Viola ons of policies and procedures. • Unauthorized exposure or modifica on of data. • Unencrypted network connec ons or tampering with encryp on algorithms, applica ons or keys. INVESTIGATE AND VERIFY Determine whether an event is a true threat using Threat Stack's detailed audi ng system. Our audit trails provide you with the intelligence you need to understand an a ack's impact so you can answer the who, what, where, when and how in order to make informed decisions on how to respond in the event of a compromise. Specifically, Threat Stack: • Inves gates ac vity conducted across your servers, iden fying poten al threats. • Documents security incidents, allowing you to mi gate future threats. • Provides detailed informa on from system ac vity that can be used to detect and respond to issues. Threat Stack provides you with deep visibility star ng at the underlying kernel — the source of truth — where system ac vity can't be faked. Threat Stack gives you instant, comprehensive visibility into your en re cloud infrastructure and sounds the alarms if suspicious behavior is detected. TAKE ACTION Armed with Threat Stack's powerful forensics, you can take ac on to ensure the vulnerability in your a ack surface is fixed to prevent similar events from happening in the future. Specifically, Threat Stack provides: • Detailed informa on about system ac vity that can be used post-compromise • The ability to report on the use of generic system accounts Threat Stack's monitoring capabili es impact the following HIPAA requirements: General Rules (164.306(e)), Administra ve Safeguards (164.308(a)(1)(ii)(A), 164.308(a) (5)(ii)(C), 164.308(a)(6)(i), 164.308(a)(6)(ii)), Technical Safeguards (164.312(a)(2)(iv)). Threat Stack's aler ng capabili es impact the following HIPAA requirements: General Rules (164.306(a)), Administra ve Safeguards (164.308(a)(1)(i), 164.308(a) (1)(ii)(B), 164.308(a)(1)(ii)(C), 164.308(a) (1)(ii)(D), 164.308(a)(3)(i), 164.308(a)(3) (ii)(A), 164.308(a)(4)(ii)(A), 164.308(a)(5) (i), 164.308(a)(5)(ii)(A), 164.308(a)(5)(ii)(C), 164.308(a)(6)(i), 164.308(a)(6)(ii)), Technical Safeguards (164.312(a)(1), 164.312(c)(1), 164.312(c)(2), 164.312(e)(1), 164.312(e)(2)(i)). Threat Stack's monitoring capabili es impact the following HIPAA requirements: Administra ve Safeguards (164.308(a)(8), 164.308(a)(7)(ii)(C), 164.308(a)(1)(ii)(D)), Technical Safeguards (164.312(b), 164.312(c) (1), 164.312(c)(2), 164.312(e)(2)(i)). Threat Stack's monitoring capabili es impact the following HIPAA requirements: General Rules (164.306(e)), Administra ve Safeguards (164.308(a)(1)(ii)(A), 164.308(a) (5)(ii)(C), 164.308(a)(6)(i), 164.308(a)(6)(ii)), Technical Safeguards (164.312(a)(2)(iv)). The decisions you make are only as good as the intelligence you base them on. That's why Threat Stack is considered the gold standard when it comes to protec ng PHI and maintaining HIPAA compliance in the cloud. Try Threat Stack. Visit ThreatStack.com

Articles in this issue

Links on this page

view archives of Compliance Guides - HIPAA Compliance with Threat Stack