The Kinamik Secure Audit Vault helps organizations comply with the following standards:
-
HIPAA: The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. government law. It intends to protect the privacy of electronic patient health information by mandating accountability through use of risk based management approach to implementing appropriate security controls. HIPPA’s Security Rule 164.312(c) specifically mentions "integrity" as part of the technical safeguards organizations must put in place, and that they must implement "policies and procedures to protect electronic protected health information from improper alteration or destruction". The Kinamik Secure Audit Vault secures sensitive audit data in a tamper-evident vault, and by adding a “digital fingerprint” to the highest level of detail.
-
NIST 800-92 Guide to Computer Security Log Management
: The Nations Institute of Standards and Technology (NIST) is a U.S. government non regulatory agency within the Department of Commerce mandated, in part, to establish information security management and implementation guidelines in support of both government and commercial organizations.
The 800-92 Standard on Computer Security Log Management in section 2.3.2 Log Protection suggests "logs contain records of system and network security, they need to be protected from breaches of their confidentiality and integrity." Also, section 3.2 Functions suggests: “Ensuring that the original logs are not altered supports their use for evidentiary purposes”. The Kinamik Secure Audit Vault addresses these sections by providing data-centric encryption and data integrity protection; this means data is protected from unauthorized access, deletion or modification. It provides mathematical certainty that logs haven't been altered, thus augmenting the evidentiary weight of the electronic records.
|
