Other Implementation Specifications
Although some of the implementation specifications are not directly related to log data, the TIBCO LogLogic reports and alerts can be used to assist in satisfying those requirements. For example, even though log data are not directly used in HIPAA section 164.308(a)(1), Security Management Process, routinely reviewing TIBCO LogLogic reports and responding to TIBCO LogLogic alerts aids in preventing, detecting, containing and correcting security violations.
The data generated by the TIBCO LogLogic Compliance Suite can be used to conduct a thorough risk analysis of the risks and vulnerabilities threatening the entity. The risk analysis can then be used to customize specific TIBCO LogLogic reports and alerts that enable an entity to manage risks in a dynamic environment where risks and vulnerabilities rapidly change.
All TIBCO LogLogic reports can be used to monitor regular user activity, as well as the activity and results of system and network administrators. Any activity or network configuration setting that is determined to violate security policies or procedures can result in sanctions against people, processes or resources. All TIBCO LogLogic reports and alerts directly aid an entity by allowing the regular review of information system activity.
The LogLogic® Compliance Suite - HIPAA Edition allows for the continuous monitoring of the IT infrastructure using behavioral-based alerts. Configure alerts to monitor performance of firewalls, routers, switches, servers, applications, and operating systems so they can be notified immediately of failures. real-time reports and custom, regular-expression searches also enable administrators to quickly identify and determine the root cause of any problems. This further mitigates risk and minimizes interruptions to service availability.