Cyber Security & HIPAA Compliance

An ounce of prevention is worth a pound of cure…


Making personal health information (PHI) more easily accessible to medical professionals is also creating opportunities for identity theft and medical claim fraud. According to Experian, 1.4 million Americans were victims of medical identity theft in 2009. The Health Insurance Portability and Accountability Act (HIPAA) outlines a number of preventive measures that create a proactive approach to discovering and addressing suspicious network activity and vulnerabilities. In order to comply with HIPAA, healthcare organizations and their business partners need to review log data, implement intrusion detection solutions and conduct regular vulnerability scans to help strengthen their security programs and protect PHI. And with the passage of the HITECH Act in 2009, cleaning up after a breach will often be more expensive and damaging than preventing one, making compliance with HIPAA all that much more important.

  • SALIX Log Manager provides the means for the effective log review and forensic analysis needed to comply with HIPAA.
  • SALIX Threat Manager uses patented technology to remove noisy network traffic and zero in on the activity that is most threatening to your environment, as well as provide unlimited vulnerability scanning.
  • SALIX Web Security Manager provides proactive defense against Web application attacks.

Delivered as Software-as-a-Service (SaaS), SALIX’s services provide a comprehensive security and compliance solution so you can be more proactive in the defense against cyber crime.

                                                                                                  Screenshots: Threat Manager contains over 45 dashboards…

                                                                                                   …and over 100 reports to help you manage compliance

Detailed vulnerability assessment & remediation guidance


To achieve HIPAA compliance, you must identify and remediate all critical vulnerabilities. Threat Manager streamlines this process by providing simple, actionable reports that detail vulnerabilities and recommendations. The Web interface provides easy-to-use dashboards and drill-down capabilities to quickly investigate any discrepancies. There is also a Dispute Wizard that helps document compensating controls that are in place to remediate specific vulnerabilities.



Host Vulnerability Report


For each host, Threat Manager will produce a report that details the vulnerabilities and associated risk levels that are exposed. In this example report, you can see that there is a range of urgent to low-level vulnerabilities on the host.

                                                                                                               Screenshot: Host Vulnerability Report

Failed Login Attempts Report


This report can be scheduled to run on a daily basis to ensure that attacks such as brute force attacks are not occurring. Many companies use this report to determine if contractors or onsite vendors are trying to gain access to sensitive information.

                                                                                                                Screenshot: Failed Login Attempts Report