SlideShare a Scribd company logo

Leading Emergency Software Solution Provider Automates HIPAA and SOX Compliance Processes

Netwrix Corporation
Netwrix Corporation
1 of 3
Download to read offline
NetWrix Customer Case Study Leading Emergency Software Solution Provider Automates HIPAA and SOX Compliance Processes “Every change we make to AD is now logged Customer: and audited which helps us to see exactly Zoll Data Systems what is going on with our domain Web Site: controllers. File server management and www.zolldata.com auditing help us with our HIPAA and SOX Number of Users: 360 compliance.” Bhupinder Virdi, Industry: IT Department, ZOLL Data Systems, division of Zoll Medical Manufacturing, Healthcare Corporation ZOLL Data Systems, a division of Zoll Medical Corporation Solution: (NASDAQ:ZOLL), is one of the leaders in software solutions for fire Change Auditing and emergency medical services industry. Zoll Data Systems develops an integrated software suite under the RescueNet brand Product: name which is a fully integrated data management system that NetWrix Change Reporter Suite gathers and centralizes information and links the entire pre-hospital chain of events into a single system. Vendor: NetWrix Corporation Phone: 888-638-9749 Web Site: www.netwrix.com Challenge: Sustaining Compliance and Passing Compliance Audits “The main issue we had to deal with was ability to successfully pass Customer Profile: all upcoming compliance audits,” said Virdi. Compliance ZOLL Data Systems, a division of Zoll Medical requirements must be enforced to ensure adherence to the laws and Corporation (NASDAQ:ZOLL) is one of the leaders in fire and EMS software solutions. regulations mandated by various industry committees and government institutions. To be "in compliance" is not a one-time event but requires a continuous and often costly effort. Being a business associate of many a health organization (emergency hospitals, etc) as a provider of EMS software, Zoll Data Systems has to comply with HIPAA (Health Insurance Portability and Accountability Act). It basically means that the company is liable to providing security and privacy of patient data to guarantee non-disclosure of protected health information. From an IT department's standpoint, a typical HIPAA or its enhanced HITECH implementation is based on the following core principles aimed to provide transparency and accountability (auditability) of regulated data and systems: Copyright © NetWrix Corporation. All rights reserved.
NetWrix Customer Case Study • Identity management and access control: to Solution: Integrated Regulatory ensure that data is only accessible by personnel that have a business need. Compliance for HIPAA/HITECH and SOX • System configuration control: tracking of administrative activities. Once the need was realized the IT team at Zoll Data started looking for an appropriate solution to • Monitoring of access to data: knowledge of prepare for compliance audits. During the selection who accessed what data and when and review on process the IT team considered various solutions a regular basis. including, as pointed out by Virdi, products from ManageEngine and LogRythm, as well as NetWrix • Data handling and encryption control: Change Reporter Suite . The solution from NetWrix protection of data in storage and during transfers. suited the needs of Zoll in terms of, as described by Virdi, “cost, features and integration with other products”. NetWrix Change Reporter Suite has a Thus the main elements in an IT infrastructure that unique set of features which includes the ultimate have to be audited include Active Directory as it set of NetWrix Change Reporter products, e.g. stores information about all network components NetWrix File Server Change Reporter and NetWrix and file server environment where all the business Active Directory Change Reporter crucial to sustain data is usually kept. regulatory compliance. Another regulation that Zoll Data Systems has to Apart from cost and functionality the IT team comply with is SOX (Sarbanes Oxley Act) being a mentioned another benefit of the Suite which is part of Zoll Medical Corporation, which is publically NetWrix Enterprise Management Console, a central traded on the US stock exchange (NASDAQ:ZOLL). element of the Suite, based on the familiar The goal of SOX is transparency and accountability Microsoft Management Console (MMC) of public companies for investor protection. The look-and-feel, which consolidates management compliance regulations under the Sarbanes Oxley and configuration tasks and allows managing all Act define three major requirements: establishing the Suite’s components at once: “I like the fact that of controls, ongoing evaluation of controls there is an integrated enterprise console to (monitoring and testing), and disclosure manage all the products,” added Virdi. ("auditability") of control effectiveness (including defects and weaknesses that can result in fraud). The timeline for deployment of the NetWrix solution was easily met and went smoothly with The very need to comply with both regulations in the help of NetWrix technical support team. “The the view of the upcoming compliance audits made whole implementation project was completed in IT team at Zoll Data Systems seek an appropriate just a matter of month and it only took a week to solution that would maintain established controls deploy all the products,” said Virdi. The level of by tracking and reporting all changes in IT service rendered to the customer by the NetWrix infrastructure for auditing purposes and team at all the stages from the product inception implementing secure identity management till the ready-for-launch was characterized by Virdi practices that would ensure system security. as “very professional and helpful”. Copyright © NetWrix Corporation. All rights reserved.
NetWrix Customer Case Study Proven Results: About NetWrix Corporation Improved Visibility into IT NetWrix Corporation is a highly specialized Infrastructure and Satisfied provider of solutions for IT infrastructure change auditing. Change auditing is the core competency Compliance Auditors of NetWrix and no other vendor focuses on this Soon after introducing NetWrix Change Reporter more extensively. With the broadest platform Suite to the Zoll’s IT infrastructure the IT team was coverage available in the industry, innovative capable of providing auditability in terms of technology and strategic roadmap aiming to administrative and technical safeguards, support different types of IT systems, devices and accounting for disclosures of protected health applications, NetWrix offers award-winning change information (HIPAA compliance) as well as in terms auditing solutions at very competitive prices, of infrastructure resource protection/availability; matched with great customer service. Founded in infrastructure maintenance; change management 2006, NetWrix has evolved as #1 for Change and systems security (SOX compliance). “Every Auditing as evidenced by thousands of satisfied change we made to AD is now logged and audited customers worldwide. which helps us see exactly what is going on with our domain controllers,” Virdi describes the major The company is headquartered in Paramus, NJ, and benefits of implementing Change Reporter Suite. has regional offices in Los Angeles, Boston, Tampa “File server management and auditing helps us and the UK. with our HIPAA and SOX compliance thanks to NetWrix File Server Change Reporter,” continued NetWrix IT infrastructure auditing solutions have Virdi. won more than 40 prestigious awards and are used by thousands of organizations around the world. The impressive list of customers from various industries includes many well-known brands, such as IBM®, Boeing®, Mitsubishi®, Hyundai® and more. Copyright © NetWrix Corporation. All rights reserved.

Recommended

Agiliance Wp Key Steps
Agiliance Wp Key StepsAgiliance Wp Key Steps
Agiliance Wp Key Stepsagiliancecommunity
 
OneAudit™ - Assess Once, Certify to Many
OneAudit™ - Assess Once, Certify to ManyOneAudit™ - Assess Once, Certify to Many
OneAudit™ - Assess Once, Certify to ManyControlCase
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and CertificationControlCase
 
ISO 27005 - Digital Trust Framework
ISO 27005 - Digital Trust FrameworkISO 27005 - Digital Trust Framework
ISO 27005 - Digital Trust FrameworkMaganathin Veeraragaloo
 
Content Aware SIEM™ defined
Content Aware SIEM™ definedContent Aware SIEM™ defined
Content Aware SIEM™ definedEnterprise Technology Management (ETM)
 
Soc 2 vs iso 27001 certification withh links converted-converted
Soc 2 vs iso 27001 certification withh links converted-convertedSoc 2 vs iso 27001 certification withh links converted-converted
Soc 2 vs iso 27001 certification withh links converted-convertedVISTA InfoSec
 
OmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoOmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoJonathan Eubanks
 
ISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsCertification Europe
 

Recommended

Agiliance Wp Key Steps
Agiliance Wp Key StepsAgiliance Wp Key Steps
Agiliance Wp Key Stepsagiliancecommunity
 
OneAudit™ - Assess Once, Certify to Many
OneAudit™ - Assess Once, Certify to ManyOneAudit™ - Assess Once, Certify to Many
OneAudit™ - Assess Once, Certify to ManyControlCase
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and CertificationControlCase
 
ISO 27005 - Digital Trust Framework
ISO 27005 - Digital Trust FrameworkISO 27005 - Digital Trust Framework
ISO 27005 - Digital Trust FrameworkMaganathin Veeraragaloo
 
Content Aware SIEM™ defined
Content Aware SIEM™ definedContent Aware SIEM™ defined
Content Aware SIEM™ definedEnterprise Technology Management (ETM)
 
Soc 2 vs iso 27001 certification withh links converted-converted
Soc 2 vs iso 27001 certification withh links converted-convertedSoc 2 vs iso 27001 certification withh links converted-converted
Soc 2 vs iso 27001 certification withh links converted-convertedVISTA InfoSec
 
OmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoOmniNet MDS HIPPA Compliance Info
OmniNet MDS HIPPA Compliance InfoJonathan Eubanks
 
ISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsISO 27001 Information Security Management Systems Trends and Developments
ISO 27001 Information Security Management Systems Trends and DevelopmentsCertification Europe
 
Integrated Compliance
Integrated ComplianceIntegrated Compliance
Integrated ComplianceControlCase
 
AL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webAL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webDerrick McBreairty
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
 
Security for v mware
Security for v mwareSecurity for v mware
Security for v mwareReadWrite
 
The Role of Government in Identity Management
The Role of Government in Identity ManagementThe Role of Government in Identity Management
The Role of Government in Identity ManagementDon Lovett
 
Log Monitoring and File Integrity Monitoring
Log Monitoring and File Integrity MonitoringLog Monitoring and File Integrity Monitoring
Log Monitoring and File Integrity MonitoringControlCase
 
Continuous Compliance Monitoring
Continuous Compliance MonitoringContinuous Compliance Monitoring
Continuous Compliance MonitoringControlCase
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudControlCase
 
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersDon’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersMichael Davis
 
Achieving Effective IT Security with Continuous ISO 27001 Compliance
Achieving Effective IT Security with Continuous ISO 27001 ComplianceAchieving Effective IT Security with Continuous ISO 27001 Compliance
Achieving Effective IT Security with Continuous ISO 27001 ComplianceTripwire
 
PCI DSS Business as Usual
PCI DSS Business as UsualPCI DSS Business as Usual
PCI DSS Business as UsualControlCase
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Jonathan Sinclair
 
Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloudtcarrucan
 
Vendor Management for PCI DSS, HIPAA, and FFIEC
Vendor Management for PCI DSS, HIPAA, and FFIECVendor Management for PCI DSS, HIPAA, and FFIEC
Vendor Management for PCI DSS, HIPAA, and FFIECControlCase
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)ControlCase
 
Integrated Compliance – Collect Evidence Once, Certify to Many
Integrated Compliance – Collect Evidence Once, Certify to ManyIntegrated Compliance – Collect Evidence Once, Certify to Many
Integrated Compliance – Collect Evidence Once, Certify to ManyControlCase
 
PCI DSS and Other Related Updates
PCI DSS and Other Related UpdatesPCI DSS and Other Related Updates
PCI DSS and Other Related UpdatesControlCase
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and ComplianceQuadrisk
 
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...VidipOlhyan
 
Ch. 1 plainchant & secular monophony
Ch. 1 plainchant & secular monophonyCh. 1 plainchant & secular monophony
Ch. 1 plainchant & secular monophonydavaughnmiller
 
Cell Based Assays Americas (2012)
Cell Based Assays Americas (2012)Cell Based Assays Americas (2012)
Cell Based Assays Americas (2012)shad121
 

More Related Content

What's hot

Integrated Compliance
Integrated ComplianceIntegrated Compliance
Integrated ComplianceControlCase
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
 
Security for v mware
Security for v mwareSecurity for v mware
Security for v mwareReadWrite
 
The Role of Government in Identity Management
The Role of Government in Identity ManagementThe Role of Government in Identity Management
The Role of Government in Identity ManagementDon Lovett
 
Log Monitoring and File Integrity Monitoring
Log Monitoring and File Integrity MonitoringLog Monitoring and File Integrity Monitoring
Log Monitoring and File Integrity MonitoringControlCase
 
Continuous Compliance Monitoring
Continuous Compliance MonitoringContinuous Compliance Monitoring
Continuous Compliance MonitoringControlCase
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudControlCase
 
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersDon’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersMichael Davis
 
Achieving Effective IT Security with Continuous ISO 27001 Compliance
Achieving Effective IT Security with Continuous ISO 27001 ComplianceAchieving Effective IT Security with Continuous ISO 27001 Compliance
Achieving Effective IT Security with Continuous ISO 27001 ComplianceTripwire
 
PCI DSS Business as Usual
PCI DSS Business as UsualPCI DSS Business as Usual
PCI DSS Business as UsualControlCase
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Jonathan Sinclair
 
Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloudtcarrucan
 
Vendor Management for PCI DSS, HIPAA, and FFIEC
Vendor Management for PCI DSS, HIPAA, and FFIECVendor Management for PCI DSS, HIPAA, and FFIEC
Vendor Management for PCI DSS, HIPAA, and FFIECControlCase
 
PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)ControlCase
 
Integrated Compliance – Collect Evidence Once, Certify to Many
Integrated Compliance – Collect Evidence Once, Certify to ManyIntegrated Compliance – Collect Evidence Once, Certify to Many
Integrated Compliance – Collect Evidence Once, Certify to ManyControlCase
 
PCI DSS and Other Related Updates
PCI DSS and Other Related UpdatesPCI DSS and Other Related Updates
PCI DSS and Other Related UpdatesControlCase
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and ComplianceQuadrisk
 
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...VidipOlhyan
 

What's hot (20)

Integrated Compliance
Integrated ComplianceIntegrated Compliance
Integrated Compliance
 
AL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_webAL_PCI-Cheatsheet_web
AL_PCI-Cheatsheet_web
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust Principles
 
Security for v mware
Security for v mwareSecurity for v mware
Security for v mware
 
The Role of Government in Identity Management
The Role of Government in Identity ManagementThe Role of Government in Identity Management
The Role of Government in Identity Management
 
Log Monitoring and File Integrity Monitoring
Log Monitoring and File Integrity MonitoringLog Monitoring and File Integrity Monitoring
Log Monitoring and File Integrity Monitoring
 
Continuous Compliance Monitoring
Continuous Compliance MonitoringContinuous Compliance Monitoring
Continuous Compliance Monitoring
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the Cloud
 
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud ProvidersDon’t Just Trust Cloud Providers - How To Audit Cloud Providers
Don’t Just Trust Cloud Providers - How To Audit Cloud Providers
 
Achieving Effective IT Security with Continuous ISO 27001 Compliance
Achieving Effective IT Security with Continuous ISO 27001 ComplianceAchieving Effective IT Security with Continuous ISO 27001 Compliance
Achieving Effective IT Security with Continuous ISO 27001 Compliance
 
PCI DSS Business as Usual
PCI DSS Business as UsualPCI DSS Business as Usual
PCI DSS Business as Usual
 
Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011Cloud Compliance Auditing - Closer 2011
Cloud Compliance Auditing - Closer 2011
 
Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloud
 
Vendor Management for PCI DSS, HIPAA, and FFIEC
Vendor Management for PCI DSS, HIPAA, and FFIECVendor Management for PCI DSS, HIPAA, and FFIEC
Vendor Management for PCI DSS, HIPAA, and FFIEC
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORK
 
PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)PCI DSS Business as Usual (BAU)
PCI DSS Business as Usual (BAU)
 
Integrated Compliance – Collect Evidence Once, Certify to Many
Integrated Compliance – Collect Evidence Once, Certify to ManyIntegrated Compliance – Collect Evidence Once, Certify to Many
Integrated Compliance – Collect Evidence Once, Certify to Many
 
PCI DSS and Other Related Updates
PCI DSS and Other Related UpdatesPCI DSS and Other Related Updates
PCI DSS and Other Related Updates
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
 
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...
Microsoft azure, dynamics 365, and other online services iso27001, 27018, 2...
 

Viewers also liked

Ch. 1 plainchant & secular monophony
Ch. 1 plainchant & secular monophonyCh. 1 plainchant & secular monophony
Ch. 1 plainchant & secular monophonydavaughnmiller
 
Cell Based Assays Americas (2012)
Cell Based Assays Americas (2012)Cell Based Assays Americas (2012)
Cell Based Assays Americas (2012)shad121
 
Salon Firmowy Bydgoszcz
Salon Firmowy BydgoszczSalon Firmowy Bydgoszcz
Salon Firmowy BydgoszczsalonyVi
 
Good file practice
Good file practiceGood file practice
Good file practiceamcsquared
 
GARRAIOEN MURALA
GARRAIOEN MURALAGARRAIOEN MURALA
GARRAIOEN MURALAELIZALDE
 
Economia e diritto_del_terziario(1)
Economia e diritto_del_terziario(1)Economia e diritto_del_terziario(1)
Economia e diritto_del_terziario(1)Fabio Sibio
 
SF INTECH Skoczów
SF INTECH SkoczówSF INTECH Skoczów
SF INTECH SkoczówsalonyVi
 
Shift and Explore Flip Apply
Shift and Explore Flip ApplyShift and Explore Flip Apply
Shift and Explore Flip Applyamcsquared
 
KUS-AN Tadeusz Kuś
KUS-AN Tadeusz KuśKUS-AN Tadeusz Kuś
KUS-AN Tadeusz KuśsalonyVi
 
Hh5eko lagunak
Hh5eko lagunakHh5eko lagunak
Hh5eko lagunakELIZALDE
 
MOI TRUONG KINH DOANH
MOI TRUONG KINH DOANHMOI TRUONG KINH DOANH
MOI TRUONG KINH DOANHKim Qúy
 
Songs of-kabir - tradus de tagore
Songs of-kabir - tradus de tagoreSongs of-kabir - tradus de tagore
Songs of-kabir - tradus de tagoreValeriu Cismas
 
IT tools for the management of community projects
IT tools for the management of community projectsIT tools for the management of community projects
IT tools for the management of community projectsMohamed Khalloufi
 
Inequations and finding rule
Inequations and finding ruleInequations and finding rule
Inequations and finding ruleamcsquared
 
Transition to Independence
Transition to IndependenceTransition to Independence
Transition to Independencemitoaction
 
SISKO Trzcianka
SISKO TrzciankaSISKO Trzcianka
SISKO TrzciankasalonyVi
 

Viewers also liked (20)

Ch. 1 plainchant & secular monophony
Ch. 1 plainchant & secular monophonyCh. 1 plainchant & secular monophony
Ch. 1 plainchant & secular monophony
 
Cell Based Assays Americas (2012)
Cell Based Assays Americas (2012)Cell Based Assays Americas (2012)
Cell Based Assays Americas (2012)
 
U7 1ME108
U7 1ME108 U7 1ME108
U7 1ME108
 
Salon Firmowy Bydgoszcz
Salon Firmowy BydgoszczSalon Firmowy Bydgoszcz
Salon Firmowy Bydgoszcz
 
Good file practice
Good file practiceGood file practice
Good file practice
 
portfolio
portfolioportfolio
portfolio
 
GARRAIOEN MURALA
GARRAIOEN MURALAGARRAIOEN MURALA
GARRAIOEN MURALA
 
Economia e diritto_del_terziario(1)
Economia e diritto_del_terziario(1)Economia e diritto_del_terziario(1)
Economia e diritto_del_terziario(1)
 
Kabir 2012 5
Kabir 2012 5Kabir 2012 5
Kabir 2012 5
 
SF INTECH Skoczów
SF INTECH SkoczówSF INTECH Skoczów
SF INTECH Skoczów
 
Shift and Explore Flip Apply
Shift and Explore Flip ApplyShift and Explore Flip Apply
Shift and Explore Flip Apply
 
KUS-AN Tadeusz Kuś
KUS-AN Tadeusz KuśKUS-AN Tadeusz Kuś
KUS-AN Tadeusz Kuś
 
Hh5eko lagunak
Hh5eko lagunakHh5eko lagunak
Hh5eko lagunak
 
MOI TRUONG KINH DOANH
MOI TRUONG KINH DOANHMOI TRUONG KINH DOANH
MOI TRUONG KINH DOANH
 
Songs of-kabir - tradus de tagore
Songs of-kabir - tradus de tagoreSongs of-kabir - tradus de tagore
Songs of-kabir - tradus de tagore
 
IT tools for the management of community projects
IT tools for the management of community projectsIT tools for the management of community projects
IT tools for the management of community projects
 
Inequations and finding rule
Inequations and finding ruleInequations and finding rule
Inequations and finding rule
 
Transition to Independence
Transition to IndependenceTransition to Independence
Transition to Independence
 
Cristo y profecias
Cristo y profeciasCristo y profecias
Cristo y profecias
 
SISKO Trzcianka
SISKO TrzciankaSISKO Trzcianka
SISKO Trzcianka
 

Similar to Leading Emergency Software Solution Provider Automates HIPAA and SOX Compliance Processes

Hyper converged infrastructure in healthcare / VxRail review
Hyper converged infrastructure in healthcare / VxRail reviewHyper converged infrastructure in healthcare / VxRail review
Hyper converged infrastructure in healthcare / VxRail reviewMohamedAli2347
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the CloudRapidScale
 
What operational technology cyber security is?
What operational technology cyber security is?What operational technology cyber security is?
What operational technology cyber security is?sohailAhmad304
 
Facility Environmental Audit Guidelines
Facility Environmental Audit GuidelinesFacility Environmental Audit Guidelines
Facility Environmental Audit Guidelinesamburyj3c9
 
HIPAA and HITRUST on AWS
HIPAA and HITRUST on AWSHIPAA and HITRUST on AWS
HIPAA and HITRUST on AWSLogicworksNY
 
Maintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixMaintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixHCLSoftware
 
NetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don JonesNetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don JonesNetwrix Corporation
 
Bigfix Multicloud Management
Bigfix Multicloud ManagementBigfix Multicloud Management
Bigfix Multicloud ManagementHCLSoftware
 
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid ITOptimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid ITSirius
 
Web Werks Data Center Achieves HIPAA Compliance Certification
Web Werks Data Center Achieves HIPAA Compliance CertificationWeb Werks Data Center Achieves HIPAA Compliance Certification
Web Werks Data Center Achieves HIPAA Compliance CertificationWeb Werks Data Centers
 
tibbr Security Overview
tibbr Security Overviewtibbr Security Overview
tibbr Security Overviewtibbr
 
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docxWorksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docxgriffinruthie22
 
Generic Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresGeneric Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresIJRES Journal
 
Introduction to Gravitational Teleport
Introduction to Gravitational TeleportIntroduction to Gravitational Teleport
Introduction to Gravitational TeleportTeleport
 
Industrial Control Systems Go Mobile in the Cloud
Industrial Control Systems Go Mobile in the CloudIndustrial Control Systems Go Mobile in the Cloud
Industrial Control Systems Go Mobile in the CloudLockheed Martin
 
How the World's Largest Date Agriculture Company "Planted" File Server Auditing
How the World's Largest Date Agriculture Company "Planted" File Server AuditingHow the World's Largest Date Agriculture Company "Planted" File Server Auditing
How the World's Largest Date Agriculture Company "Planted" File Server AuditingNetwrix Corporation
 

Similar to Leading Emergency Software Solution Provider Automates HIPAA and SOX Compliance Processes (20)

Tyler Technology Expo
Tyler Technology ExpoTyler Technology Expo
Tyler Technology Expo
 
Qradar Business Case
Qradar Business CaseQradar Business Case
Qradar Business Case
 
Hyper converged infrastructure in healthcare / VxRail review
Hyper converged infrastructure in healthcare / VxRail reviewHyper converged infrastructure in healthcare / VxRail review
Hyper converged infrastructure in healthcare / VxRail review
 
Compliance in the Cloud
Compliance in the CloudCompliance in the Cloud
Compliance in the Cloud
 
What operational technology cyber security is?
What operational technology cyber security is?What operational technology cyber security is?
What operational technology cyber security is?
 
Facility Environmental Audit Guidelines
Facility Environmental Audit GuidelinesFacility Environmental Audit Guidelines
Facility Environmental Audit Guidelines
 
HIPAA and HITRUST on AWS
HIPAA and HITRUST on AWSHIPAA and HITRUST on AWS
HIPAA and HITRUST on AWS
 
Maintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixMaintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFix
 
NetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don JonesNetWrix Change Reporter Suite - Product Review by Don Jones
NetWrix Change Reporter Suite - Product Review by Don Jones
 
Bigfix Multicloud Management
Bigfix Multicloud ManagementBigfix Multicloud Management
Bigfix Multicloud Management
 
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid ITOptimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
Optimizing Your IT Strategy: 5 Steps to Successfull Hybrid IT
 
Web Werks Data Center Achieves HIPAA Compliance Certification
Web Werks Data Center Achieves HIPAA Compliance CertificationWeb Werks Data Center Achieves HIPAA Compliance Certification
Web Werks Data Center Achieves HIPAA Compliance Certification
 
Healthcare HIPAA Compliance
Healthcare HIPAA ComplianceHealthcare HIPAA Compliance
Healthcare HIPAA Compliance
 
tibbr Security Overview
tibbr Security Overviewtibbr Security Overview
tibbr Security Overview
 
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docxWorksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
Worksheet 4 LANWAN Compliance and Auditinglook on the docume.docx
 
Generic Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual InfrastructuresGeneric Security Framework for Multiple Heterogeneous Virtual Infrastructures
Generic Security Framework for Multiple Heterogeneous Virtual Infrastructures
 
Introduction to Gravitational Teleport
Introduction to Gravitational TeleportIntroduction to Gravitational Teleport
Introduction to Gravitational Teleport
 
Industrial Control Systems Go Mobile in the Cloud
Industrial Control Systems Go Mobile in the CloudIndustrial Control Systems Go Mobile in the Cloud
Industrial Control Systems Go Mobile in the Cloud
 
Industrial Control System Applications go Mobile in the Cloud 20150825 v1
Industrial Control System Applications go Mobile in the Cloud 20150825 v1Industrial Control System Applications go Mobile in the Cloud 20150825 v1
Industrial Control System Applications go Mobile in the Cloud 20150825 v1
 
How the World's Largest Date Agriculture Company "Planted" File Server Auditing
How the World's Largest Date Agriculture Company "Planted" File Server AuditingHow the World's Largest Date Agriculture Company "Planted" File Server Auditing
How the World's Largest Date Agriculture Company "Planted" File Server Auditing
 

More from Netwrix Corporation

File system auditing who accessed what files and where
File system auditing who accessed what files and whereFile system auditing who accessed what files and where
File system auditing who accessed what files and whereNetwrix Corporation
 
Top 10 critical changes to audit in your it infrastructure
Top 10 critical changes to audit in your it infrastructureTop 10 critical changes to audit in your it infrastructure
Top 10 critical changes to audit in your it infrastructureNetwrix Corporation
 
Top 5 identity management challenges and solutions
Top 5 identity management challenges and solutionsTop 5 identity management challenges and solutions
Top 5 identity management challenges and solutionsNetwrix Corporation
 
Top 5 critical changes to audit for active directory
Top 5 critical changes to audit for active directoryTop 5 critical changes to audit for active directory
Top 5 critical changes to audit for active directoryNetwrix Corporation
 
How to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureHow to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureNetwrix Corporation
 
Auditing Active Directory to Comply with State and Federal Regulations
Auditing Active Directory to Comply with State and Federal RegulationsAuditing Active Directory to Comply with State and Federal Regulations
Auditing Active Directory to Comply with State and Federal RegulationsNetwrix Corporation
 
Auditing Solution Enables Coaching of Staff and Pleases Auditors
Auditing Solution Enables Coaching of Staff and Pleases AuditorsAuditing Solution Enables Coaching of Staff and Pleases Auditors
Auditing Solution Enables Coaching of Staff and Pleases AuditorsNetwrix Corporation
 
Automated De-provisioning of Inactive Users Accounts
Automated De-provisioning of Inactive Users AccountsAutomated De-provisioning of Inactive Users Accounts
Automated De-provisioning of Inactive Users AccountsNetwrix Corporation
 
USB Port Protection that Hardens Endpoint Security and Streamlines Compliance
USB Port Protection that Hardens Endpoint Security and Streamlines ComplianceUSB Port Protection that Hardens Endpoint Security and Streamlines Compliance
USB Port Protection that Hardens Endpoint Security and Streamlines ComplianceNetwrix Corporation
 
Ensuring Data Protection by controlling the Use of Removable Media
Ensuring Data Protection by controlling the Use of Removable MediaEnsuring Data Protection by controlling the Use of Removable Media
Ensuring Data Protection by controlling the Use of Removable MediaNetwrix Corporation
 
Active Directory Change Auditing in the Enterprise
Active Directory Change Auditing in the EnterpriseActive Directory Change Auditing in the Enterprise
Active Directory Change Auditing in the EnterpriseNetwrix Corporation
 
Extending Change Auditing to Exchange Server
Extending Change Auditing to Exchange ServerExtending Change Auditing to Exchange Server
Extending Change Auditing to Exchange ServerNetwrix Corporation
 
Staying Abreast of Group Policy Changes
Staying Abreast of Group Policy ChangesStaying Abreast of Group Policy Changes
Staying Abreast of Group Policy ChangesNetwrix Corporation
 
The Business Case for Account Lockout Management
The Business Case for Account Lockout ManagementThe Business Case for Account Lockout Management
The Business Case for Account Lockout ManagementNetwrix Corporation
 
Exchange Auditing in the Enterprise
Exchange Auditing in the EnterpriseExchange Auditing in the Enterprise
Exchange Auditing in the EnterpriseNetwrix Corporation
 

More from Netwrix Corporation (17)

File system auditing who accessed what files and where
File system auditing who accessed what files and whereFile system auditing who accessed what files and where
File system auditing who accessed what files and where
 
Top 10 critical changes to audit in your it infrastructure
Top 10 critical changes to audit in your it infrastructureTop 10 critical changes to audit in your it infrastructure
Top 10 critical changes to audit in your it infrastructure
 
Top 5 identity management challenges and solutions
Top 5 identity management challenges and solutionsTop 5 identity management challenges and solutions
Top 5 identity management challenges and solutions
 
Top 5 critical changes to audit for active directory
Top 5 critical changes to audit for active directoryTop 5 critical changes to audit for active directory
Top 5 critical changes to audit for active directory
 
How to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT InfrastructureHow to Effectively Audit your IT Infrastructure
How to Effectively Audit your IT Infrastructure
 
Auditing Active Directory to Comply with State and Federal Regulations
Auditing Active Directory to Comply with State and Federal RegulationsAuditing Active Directory to Comply with State and Federal Regulations
Auditing Active Directory to Comply with State and Federal Regulations
 
Auditing Solution Enables Coaching of Staff and Pleases Auditors
Auditing Solution Enables Coaching of Staff and Pleases AuditorsAuditing Solution Enables Coaching of Staff and Pleases Auditors
Auditing Solution Enables Coaching of Staff and Pleases Auditors
 
Automated De-provisioning of Inactive Users Accounts
Automated De-provisioning of Inactive Users AccountsAutomated De-provisioning of Inactive Users Accounts
Automated De-provisioning of Inactive Users Accounts
 
USB Port Protection that Hardens Endpoint Security and Streamlines Compliance
USB Port Protection that Hardens Endpoint Security and Streamlines ComplianceUSB Port Protection that Hardens Endpoint Security and Streamlines Compliance
USB Port Protection that Hardens Endpoint Security and Streamlines Compliance
 
Ensuring Data Protection by controlling the Use of Removable Media
Ensuring Data Protection by controlling the Use of Removable MediaEnsuring Data Protection by controlling the Use of Removable Media
Ensuring Data Protection by controlling the Use of Removable Media
 
Active Directory Change Auditing in the Enterprise
Active Directory Change Auditing in the EnterpriseActive Directory Change Auditing in the Enterprise
Active Directory Change Auditing in the Enterprise
 
Extending Change Auditing to Exchange Server
Extending Change Auditing to Exchange ServerExtending Change Auditing to Exchange Server
Extending Change Auditing to Exchange Server
 
Staying Abreast of Group Policy Changes
Staying Abreast of Group Policy ChangesStaying Abreast of Group Policy Changes
Staying Abreast of Group Policy Changes
 
The Business Case for Account Lockout Management
The Business Case for Account Lockout ManagementThe Business Case for Account Lockout Management
The Business Case for Account Lockout Management
 
Exchange Auditing in the Enterprise
Exchange Auditing in the EnterpriseExchange Auditing in the Enterprise
Exchange Auditing in the Enterprise
 
File Auditing in the Enterprise
File Auditing in the EnterpriseFile Auditing in the Enterprise
File Auditing in the Enterprise
 
File auditing on NetApp Filer
File auditing on NetApp Filer File auditing on NetApp Filer
File auditing on NetApp Filer
 

Leading Emergency Software Solution Provider Automates HIPAA and SOX Compliance Processes

  • 1. NetWrix Customer Case Study Leading Emergency Software Solution Provider Automates HIPAA and SOX Compliance Processes “Every change we make to AD is now logged Customer: and audited which helps us to see exactly Zoll Data Systems what is going on with our domain Web Site: controllers. File server management and www.zolldata.com auditing help us with our HIPAA and SOX Number of Users: 360 compliance.” Bhupinder Virdi, Industry: IT Department, ZOLL Data Systems, division of Zoll Medical Manufacturing, Healthcare Corporation ZOLL Data Systems, a division of Zoll Medical Corporation Solution: (NASDAQ:ZOLL), is one of the leaders in software solutions for fire Change Auditing and emergency medical services industry. Zoll Data Systems develops an integrated software suite under the RescueNet brand Product: name which is a fully integrated data management system that NetWrix Change Reporter Suite gathers and centralizes information and links the entire pre-hospital chain of events into a single system. Vendor: NetWrix Corporation Phone: 888-638-9749 Web Site: www.netwrix.com Challenge: Sustaining Compliance and Passing Compliance Audits “The main issue we had to deal with was ability to successfully pass Customer Profile: all upcoming compliance audits,” said Virdi. Compliance ZOLL Data Systems, a division of Zoll Medical requirements must be enforced to ensure adherence to the laws and Corporation (NASDAQ:ZOLL) is one of the leaders in fire and EMS software solutions. regulations mandated by various industry committees and government institutions. To be "in compliance" is not a one-time event but requires a continuous and often costly effort. Being a business associate of many a health organization (emergency hospitals, etc) as a provider of EMS software, Zoll Data Systems has to comply with HIPAA (Health Insurance Portability and Accountability Act). It basically means that the company is liable to providing security and privacy of patient data to guarantee non-disclosure of protected health information. From an IT department's standpoint, a typical HIPAA or its enhanced HITECH implementation is based on the following core principles aimed to provide transparency and accountability (auditability) of regulated data and systems: Copyright © NetWrix Corporation. All rights reserved.
  • 2. NetWrix Customer Case Study • Identity management and access control: to Solution: Integrated Regulatory ensure that data is only accessible by personnel that have a business need. Compliance for HIPAA/HITECH and SOX • System configuration control: tracking of administrative activities. Once the need was realized the IT team at Zoll Data started looking for an appropriate solution to • Monitoring of access to data: knowledge of prepare for compliance audits. During the selection who accessed what data and when and review on process the IT team considered various solutions a regular basis. including, as pointed out by Virdi, products from ManageEngine and LogRythm, as well as NetWrix • Data handling and encryption control: Change Reporter Suite . The solution from NetWrix protection of data in storage and during transfers. suited the needs of Zoll in terms of, as described by Virdi, “cost, features and integration with other products”. NetWrix Change Reporter Suite has a Thus the main elements in an IT infrastructure that unique set of features which includes the ultimate have to be audited include Active Directory as it set of NetWrix Change Reporter products, e.g. stores information about all network components NetWrix File Server Change Reporter and NetWrix and file server environment where all the business Active Directory Change Reporter crucial to sustain data is usually kept. regulatory compliance. Another regulation that Zoll Data Systems has to Apart from cost and functionality the IT team comply with is SOX (Sarbanes Oxley Act) being a mentioned another benefit of the Suite which is part of Zoll Medical Corporation, which is publically NetWrix Enterprise Management Console, a central traded on the US stock exchange (NASDAQ:ZOLL). element of the Suite, based on the familiar The goal of SOX is transparency and accountability Microsoft Management Console (MMC) of public companies for investor protection. The look-and-feel, which consolidates management compliance regulations under the Sarbanes Oxley and configuration tasks and allows managing all Act define three major requirements: establishing the Suite’s components at once: “I like the fact that of controls, ongoing evaluation of controls there is an integrated enterprise console to (monitoring and testing), and disclosure manage all the products,” added Virdi. ("auditability") of control effectiveness (including defects and weaknesses that can result in fraud). The timeline for deployment of the NetWrix solution was easily met and went smoothly with The very need to comply with both regulations in the help of NetWrix technical support team. “The the view of the upcoming compliance audits made whole implementation project was completed in IT team at Zoll Data Systems seek an appropriate just a matter of month and it only took a week to solution that would maintain established controls deploy all the products,” said Virdi. The level of by tracking and reporting all changes in IT service rendered to the customer by the NetWrix infrastructure for auditing purposes and team at all the stages from the product inception implementing secure identity management till the ready-for-launch was characterized by Virdi practices that would ensure system security. as “very professional and helpful”. Copyright © NetWrix Corporation. All rights reserved.
  • 3. NetWrix Customer Case Study Proven Results: About NetWrix Corporation Improved Visibility into IT NetWrix Corporation is a highly specialized Infrastructure and Satisfied provider of solutions for IT infrastructure change auditing. Change auditing is the core competency Compliance Auditors of NetWrix and no other vendor focuses on this Soon after introducing NetWrix Change Reporter more extensively. With the broadest platform Suite to the Zoll’s IT infrastructure the IT team was coverage available in the industry, innovative capable of providing auditability in terms of technology and strategic roadmap aiming to administrative and technical safeguards, support different types of IT systems, devices and accounting for disclosures of protected health applications, NetWrix offers award-winning change information (HIPAA compliance) as well as in terms auditing solutions at very competitive prices, of infrastructure resource protection/availability; matched with great customer service. Founded in infrastructure maintenance; change management 2006, NetWrix has evolved as #1 for Change and systems security (SOX compliance). “Every Auditing as evidenced by thousands of satisfied change we made to AD is now logged and audited customers worldwide. which helps us see exactly what is going on with our domain controllers,” Virdi describes the major The company is headquartered in Paramus, NJ, and benefits of implementing Change Reporter Suite. has regional offices in Los Angeles, Boston, Tampa “File server management and auditing helps us and the UK. with our HIPAA and SOX compliance thanks to NetWrix File Server Change Reporter,” continued NetWrix IT infrastructure auditing solutions have Virdi. won more than 40 prestigious awards and are used by thousands of organizations around the world. The impressive list of customers from various industries includes many well-known brands, such as IBM®, Boeing®, Mitsubishi®, Hyundai® and more. Copyright © NetWrix Corporation. All rights reserved.