HIPAA section §164.312 (b) calls for hardware, software, and/or procedural mechanisms that record and examine activity in the information systems that contain or use electronic protected information. With HIPAA Vault logging, logs are created to display systems access activity in order to help determine regular and irregular access patterns and ensure overall system security and integrity.
As an integral part of the HIPAA Vault managed web hosting service, logging allows our system administrators to provide customers with an actionable resource for further development and support, as part of our affordable hosting solution. Logging includes both successful and failed attempts at accessing the system by user names, or various other criteria. This provides valuable correlation information for determining and identifying potential security risks and opportunities in the system.
Log files are regularly reviewed to determine if security measures are maintaining the integrity of the consumer’s resources and information or if changes need to be researched and applied to better secure consumers protected information.
Reports can be generated based on various criteria as desired by system administrators. An example of such criteria would be to have reports generated by username in order to determine if a specific username and password combination were excessively accessing system resources and information. This type of log report would allow HIPAA Vault’ systems administrators to identify potential compromised accounts or potential security risk and rectify them in a timely manner to ensure the overall integrity of the system.