This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Log and Event Manager, HIPAA, and a user group

Is anyone beholden to HIPAA using LEM to meet their obligations? Care to talk to shop?

Is this the best (only?) LEM user space?  I'd like to get involved with a user group for LEM or other systems like it.  If there isn't a group, maybe we should start one.

Thanks,

Andrew

  • FormerMember
    0 FormerMember

    We have a bunch of hospital, clinic, and otherwise HIPAA-beholden customers. Hopefully some will come visit and chime in. emoticons_happy.png I can speak of the broader experience of LEM in these environments, but sometimes there's nothing like the first hand story in the "tales from the trenches" style.

    This is the only LEM virtual or otherwise user space/group that I know of. There might be other general SIEM spaces in various places, but it still seems to be little product specific camps except at places like the SANS Log Management conference where people are more encouraged to knowledge share across products.

    One way I've seen this go is to organize meetups around popular conferences that people are likely to attend. The other way is a "real" user group - you'd think if there were enough people to create some more niche user groups that exist these days, there should be enough users to create a SIEM/Log Management User Group, even if it wasn't LEM specific.

  • Thanks for the reply.

    I'll keep lurking!

  • I am a newbie to Health Care and to HIPAA Compliance.  My previous experience has been as a Network Systems Administrator.  At the moment I could use good information on how often HIPAA related reports should be run and which reports should be run from the Log and Event Manager to track HIPAA related network events.  Anybody out there know any good resources?

  • You Have a New Message Pickup Center Message

    Gene Carleton <gcarleton@navihealth.us> has sent you an encrypted message via Message Pickup Center.

    Subject: RE: - Log and Event Manager, HIPAA, and a user group

    Sent: April 1, 2013 10:50:58 AM

    ACTIVATION INFORMATION:

    To view this message, click the link below and use your activation code to create a free Message Pickup Center account. Once you've created your account, you can view your messages you receive from Gene Carleton <gcarleton@navihealth.us> directly from your Message Pickup Center account:

    Email: jive-1291539589-3dcn-2-4824@solarwinds.hosted.jivesoftware.com

    Activation Code: sdnetgct

    Click here to create your free account and read your message. ex.securemail.intermedia.net/login.html

    NEED HELP?

    Please visit: pr.securemail.intermedia.net/brand

  • FormerMember
    0 FormerMember

    Andrew, we're using LEM for log file analysis to comply with these components of the Security Rule:

    1. Information system activity review (Required). Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports. (164.308(a)(1)(ii)(D))
    2. Log-in monitoring (Addressable). Procedures for monitoring log-in attempts and reporting discrepancies.  (164.308 (a)(5)(i)(C))
    3. Standard: Audit controls. Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information. (164.312(b))

    I'd be interested in knowing how you've incorporated LEM into your daily security operations.

    John