HIPAA (Health Insurance Portability and Accountability Act)
This is an acronym used for the Health Insurance Portability and Accountability Act that was passed by Congress in 1996. HIPAA does the following:
- Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs
- Reduces health care fraud and abuse
- Mandates industry-wide standards for health care information on electronic billing and other processes; and
- Requires the protection and confidential handling of protected health information
Health Insurance Policy
The portion of HIPAA addressing the ability to retain health coverage is actually overseen by the California Department of Insurance and the California Department of Managed Health Care.
Protection and Confidential Handling of Health Information
The HIPAA privacy regulations require health care providers and organizations, as well as their business associates, to develop and follow procedures that ensure the confidentiality and security of protected health information (PHI) when it is transferred, received, handled or shared. This applies to all forms of PHI, including paper, oral and electronic. Furthermore, only the minimum health information necessary to conduct business is to be used or shared.
DataSunrise Security Compliance for HIPAA
DataSunrise provides a broad set of capabilities that tackle common regulatory database compliance needs: database access auditing, data masking, auto-discovery of regulated data and compliance reporting.
Finding the data that is to be regulated within an enterprise is one key challenge. DataSunrise is able to find regulated data through data auditing and the use of a protocol analyzer, which monitors database activity in real time and establishes normal patterns that aid in finding regulated data.
DataSunrise is able to audit and analyze all the commands sent from the client to the database, thereby protecting the database: it regulates what a client is able to view and prevents them from viewing sensitive information. DataSunrise functionality shows by whom, when, where and how each transaction is performed. This enables an enterprise to monitor both privileged and non-privileged users.
The DataSunrise database firewall provides database access control to prevent data tampering and to enforce the separation of duties for different roles or users. This is done with the help of a protocol analyzer that is able to detect any action that goes beyond the given protocol.
DataSunrise has very powerful database activity monitoring, mainly done by the protocol analyzer. It supports real-time notifications over SNMP and SMTP, so one can get email alerts about firewall and database activity, and these alerts can be customized.
DataSunrise data masking helps handle data privacy and protection mandates that restrict the use of actual data. With the DataSunrise database suite, important information such as social security numbers or credit card numbers can be replaced by realistic values, allowing actual data to be safely used for other purposes.
- Discover exactly where all regulated data resides: in which databases, tables and columns
- Discover which individuals, servers, applications and systems have access to each database
- Restrict or eliminate the ability to destroy, copy, transmit or tamper with data
- Create rules to protect regulated data schemes for different roles or users
- Dynamically mask the data regulated by various laws and regulations
If you work as a DBA at a SOX-affected company, DataSunrise, through proper auditing and protocol analysis, enables you to implement safeguards to make sure that financial data does not get inserted, updated or deleted without somebody knowing. It would be a serious nightmare for a DBA if someone were modifying profit and loss data, such as sliding money around into different accounts, without you being able to catch it.