Privacy Compliance Today

Since HIPAA was enacted in 1996, it has added requirements for personal data security that have changed US healthcare security in dramatic ways. Healthcare providers must transition from being reactive (i.e. responding after data leakage occurs) to being proactive: showing that they actively monitor their systems for incorrect usage, internal and external, and being able to demonstrate a complete audit trail of exactly what data was accessed, by whom, and when.

In May 2018, the European Union (EU) General Data Protection Regulation (GDPR) comes into force, mandating that ALL companies that process the data of EU residents follow its regulations. Failure to comply with GDPR results in fines of up to 4% of the company’s worldwide revenue. The goal is to protect “any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.”

Heimdall Data for Privacy Compliance

Organizations can now easily audit and control data access for databases. Heimdall Data provides a complete layer of security features to assist organizations in complying with the stringent guidelines for HIPAA as well as the EU GDPR, without having to change applications or databases. Below are the solutions:

Database firewall: Our learning engine allows normal query patterns to pass, and then either alerts on or blocks new SQL patterns from accessing the database. In controlled environments, this enforces that only known-good SQL is allowed to reach the database, creating a whitelist filter. Alternatively, black-list patterns can be created, for example to block “SELECT * .*”, enforcing that only explicitly named columns will be allowed in any query.

Detection of Data Breaches: Heimdall implements “honeytoken” detection and alerting. A honeytoken is a piece of data that is inserted into a database or other data source that should never be accessed, such as a fake patient record. Any query that returns such a record is immediately flagged as suspicious, and alerts are generated for further analysis. This feature identifies data access that is either unintentionally broad in nature, or is mining the database for unauthorized data, such as getting a complete list of patients to sell for identity theft. The use of honeytokens allows immediate alerting on such activity, providing a proactive but lightweight layer of security.
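The two controls above (a learning allow-list with a block-list for wildcard selects, and honeytoken detection on result sets) are easy to see in miniature. The following is an added illustration written for this page, not Heimdall Data's own code: the query fingerprinting, the honeytoken id `PAT-000000`, the `patients` table and the sample rows are all constructed assumptions. Fingerprinting replaces literals with `?` so that the same statement with different parameter values counts as one known pattern, while a structurally different statement does not.

```python
import re

# Constructed sample honeytoken: a fake patient record id that no legitimate
# query should ever return. Assumed value, not from the original page.
HONEYTOKEN_IDS = {"PAT-000000"}

# Block-list pattern from the page's example: reject wildcard column selection
# so only explicitly named columns reach the database.
BLOCKLIST = [re.compile(r"^select \*")]


def fingerprint(sql: str) -> str:
    """Reduce a SQL statement to its shape: literals become '?', whitespace is
    collapsed and case is normalised, so 'WHERE id = 1' and 'WHERE id = 2'
    share one pattern while a structurally different query does not."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)      # single-quoted string literals
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)     # numeric literals
    s = re.sub(r"\s+", " ", s).strip()
    return s.lower()


class QueryFirewall:
    """Learning-mode allow-list plus a static block-list (assumed design)."""

    def __init__(self) -> None:
        self.enforce = False            # False = learn patterns, True = enforce
        self.allowed: set[str] = set()  # fingerprints seen during learning

    def check(self, sql: str) -> tuple[str, str]:
        """Return (decision, reason); decision is 'allow', 'alert' or 'block'."""
        fp = fingerprint(sql)
        for pat in BLOCKLIST:               # block-list wins in every mode
            if pat.search(fp):
                return "block", f"matches block-list pattern {pat.pattern!r}"
        if not self.enforce:
            self.allowed.add(fp)
            return "allow", "learned new pattern"
        if fp in self.allowed:
            return "allow", "known-good pattern"
        return "alert", "unknown pattern in enforce mode"


def honeytoken_hits(rows: list, honeytokens: set = HONEYTOKEN_IDS) -> list:
    """Scan a result set (list of row dicts) for honeytoken ids. Any hit means
    the query touched data it had no legitimate reason to touch."""
    return sorted({r.get("patient_id") for r in rows} & honeytokens)


if __name__ == "__main__":
    fw = QueryFirewall()
    # Learning phase: observe the application's normal query shape.
    fw.check("SELECT name, dob FROM patients WHERE patient_id = 'PAT-000123'")
    fw.enforce = True
    print(fw.check("SELECT name, dob FROM patients WHERE patient_id = 'PAT-000999'"))
    print(fw.check("SELECT * FROM patients"))
    print(fw.check("SELECT name FROM patients WHERE 1 = 1"))
    # Constructed result set: a broad query that swept up the honeytoken record.
    rows = [{"patient_id": "PAT-000123", "name": "A. Example"},
            {"patient_id": "PAT-000000", "name": "Honeytoken Patient"}]
    print(honeytoken_hits(rows))
```

In practice the honeytoken scan runs on the proxy's copy of the response, so the application never has to know the record exists; the alert carries the fingerprint and the caller's identity so an analyst can tell an over-broad report query from a deliberate sweep.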

Audit trails: Heimdall logs every request and response generated by the database to an immutable log, allowing full accounting of who accessed which records at what time. This record can be exported into behavior analysis systems to identify suspicious activity. Heimdall is configurable, allowing the audit trail to be limited in scope to sensitive data, either by table or even by the columns within a table that need to be recorded, in order to reduce the volume of data.
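To make the scoping and immutability ideas concrete, here is an added example (written for this page; it is not Heimdall Data's implementation and the page does not say how its log is made immutable). It records only accesses that touch an audited table or column, and chains each entry to the previous one with a SHA-256 digest so that an edited or deleted entry fails verification. The `AUDIT_SCOPE` table, the column names and the user names are constructed assumptions.

```python
import hashlib
import json
import time

# Constructed audit scope (assumed, not the page's configuration): record
# access to these tables only; for 'patients', only when one of the listed
# sensitive columns is touched. None means "every column of that table".
AUDIT_SCOPE = {
    "patients": {"ssn", "diagnosis", "dob"},
    "billing": None,
}


def columns_in_scope(table: str, columns) -> set:
    """Return the subset of accessed columns that must be audited."""
    if table not in AUDIT_SCOPE:
        return set()
    scope = AUDIT_SCOPE[table]
    return set(columns) if scope is None else set(columns) & scope


class AuditLog:
    """Append-only, hash-chained audit trail: each entry commits to the
    previous entry's digest, so altering or dropping a record breaks the chain."""

    GENESIS = "0" * 64

    def __init__(self) -> None:
        self.entries: list = []
        self.prev_hash = self.GENESIS

    @staticmethod
    def _digest(entry: dict) -> str:
        # Hash a canonical JSON form of everything except the stored hash itself.
        body = {k: v for k, v in entry.items() if k != "hash"}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def record(self, user, table, columns, sql, row_count, ts=None):
        """Append an entry if the access is in scope; return it, else None."""
        cols = columns_in_scope(table, columns)
        if not cols:
            return None                      # out of scope: keep the log small
        entry = {
            "ts": ts if ts is not None else time.time(),
            "user": user,
            "table": table,
            "columns": sorted(cols),         # only the audited columns
            "sql": sql,
            "rows": row_count,
            "prev": self.prev_hash,
        }
        entry["hash"] = self._digest(entry)
        self.entries.append(entry)
        self.prev_hash = entry["hash"]
        return entry

    def verify(self) -> bool:
        """Recompute the chain; False if any entry was altered or removed."""
        prev = self.GENESIS
        for e in self.entries:
            if e["prev"] != prev or self._digest(e) != e["hash"]:
                return False
            prev = e["hash"]
        return True


if __name__ == "__main__":
    log = AuditLog()
    log.record("app_user", "patients", {"name", "dob"},
               "SELECT name, dob FROM patients WHERE patient_id = ?", 1)
    log.record("app_user", "patients", {"name"}, "SELECT name FROM patients", 5)
    log.record("billing_svc", "billing", {"amount"}, "SELECT amount FROM billing", 3)
    print(len(log.entries), "entries, chain valid:", log.verify())
    log.entries[0]["user"] = "someone_else"   # simulate tampering
    print("after tampering, chain valid:", log.verify())
```

The chain only proves tampering after the fact; to get the separation of duties the page describes, the head hash (or the whole log) should be shipped to storage that neither the application nor the database team can write to.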

The final benefit is the architecture: Heimdall is designed to be inserted between the application and the database, and can be operated by a team (or teams) distinct from the database and application owners. This allows a security team to monitor the interactions between the two, and by limiting access, it prevents a bad actor in either the database group or the application software group from modifying the controls to hide their malicious actions.

For more information about how Heimdall Data can protect your data and fulfill compliance contact us at info@heimdalldata.com today!
