Consul Risk Management Releases HIPAA Compliance Module

Software firm releases add-on for its Insight Security Manager to directly deal with challenges of health information compliance laws

The HIPAA Security Rule specifies that covered entities must conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of electronic protected health information held by the covered entity. With this risk assessment being so fundamental to HIPAA compliance, organizations must quickly align the reality of their business operations with their information protection and compliance requirements. Consul InSight provides organizations with a quick and accurate way to baseline users and IT assets, benchmark access behavior, establish access policy, and identify and report policy exceptions.

Consul InSight uses its patent-pending W7 methodology (Who did What, When, Where, Where from, Where to and on What) to consolidate, normalize and analyze vast amounts of user and system activity, delivering instant alerts and reports on who touched what information and how those actions may violate external regulations or internal security policies. By comparing user activity to customizable HIPAA policy templates, Consul InSight accelerates organizations' HIPAA compliance efforts. Implementation of Consul InSight accelerates compliance in the following ways:

1. Specific recommendations for audit and alert configuration allow for the proper generation of information needed for security event management. This audit trail of all network activity easily highlights events that violate HIPAA security policy.

2. Customizable security policies that are designed to enable compliance to HIPAA.

3. Real-time alerts and 100-plus compliance relevant reports enable organizations to track, measure and resolve security breaches related to HIPAA-relevant data.

4. Guidelines and technology for archiving crucial security log information to meet security best practices that are relevant to HIPAA, as well as other standards, such as ISO17799 and COBIT.

5. Forensic capabilities provide drill-down, cross-platform investigative functionality to simplify the required investigation of HIPAA-related security events.

More information about how the new HIPAA Regulatory Compliance Management Module for Consul InSight facilitates HIPAA Security Compliance is available online at:

Pricing and Availability

The HIPAA Regulatory Compliance Management Module for Consul InSight will be available at the end of 2004. Pricing will start at $30,000.