Endgame full-stack protection achieves HIPAA compliance

third party testing

When WannaCry ransomware paralyzed and created chaos throughout Britain’s National Health System earlier this year, it became abundantly clear that hospitals and healthcare providers are not immune to opportunistic or targeted attacks. As targeted attacks continue to rise, endpoints and servers that access electronic personal health information (ePHI) and electronic medical record (EMR) are prime targets for criminals and nation-state attackers. In fact, healthcare is among the top industries targeted by cyber attacks, as adversaries seek not only health records, but personally identifiable information such as social security numbers and birth dates, as well as contact information such as phone numbers.

Importantly, this wide range of personal and health data is all protected under the Health Insurance Portability and Accountability Act (HIPAA). The Department of Health and Human Services (HHS) investigates organizations for failing to comply with safeguards to protect the entirety of health-related information. If your organization is attacked and any of this broad range of data is breached, your organization could be found in violation of HIPAA. In 2016, HIPAA violations exceeded  $23 million, and currently surpass $17 million in 2017.

Fortunately, organizations can now use the same technology to achieve HIPAA compliance and protect against these targeted attacks. To validate this, we engaged Coalfire Systems Inc. (Coalfire), a leading provider of industry-specific cyber risk management and compliance services, to conduct an independent technical assessment of our platform against the requirements of the HIPAA Security Rule. We are pleased to announce that the Endgame platform is HIPAA compliant, providing full-stack protection against even targeted attacks.

The Endgame platform enables companies to fill this gap and provide comprehensive coverage against a broad range of attacks, while helping companies remain HIPAA compliant.

Based on the sample testing and evidence gathered during Coalfire’s assessment, the Endgame platform provides comprehensive coverage, including for the following standards:

  • Protection from Malicious Software (164.308(a)(5)(ii)(B)): Endgame implements security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level and also complies with §164.306(a): Security Standards, Administrative Safeguards.
  • Security Incident Procedures (164.308 (a)(6)(i)): Endgame implements policies and procedures to address security incidents.
  • Response and Reporting (164.308(a)(6)(ii)): Endgame identifies and responds to suspected or known security incidents; mitigates, to the extent practicable, harmful effects of security incidents that are known to the covered entity or business associate; and documents security incidents and their outcomes.
  • Audit Controls (164.312(b))): Endgame implements hardware, software and/or other procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.

During the assessment, the Endgame platform also effectively mitigated various forms of malicious attacks, including:

  • Malware protection at file execution (prevents execution on installation)
  • Malware detection for created and modified files
  • Application exploits prevention (prevents execution on installation)
  • Application exploits detection
  • Ransomware prevention

In addition to these assessments, Endgame also proved effective in numerous other areas. For instance, our sensor could not be disabled by unauthorized users. Endgame also provides additional features, such as those for investigations (hunting for endpoints data), fileless attacks, whitelisting of files or applications, IOC search on file, network, process, registry and users. In fact, the healthcare company, Martin’s Point, recently replaced their AV with Endgame, expanding their coverage of attacker techniques while meeting HIPAA requirements.

Endgame’s layered approach has already proven effective at protecting some of the world’s most sensitive data. This assessment validates these defenses, and further solidifies the platform among the first to surpass HIPAA compliance requirements to further protect the healthcare industry while ensuring compliance to existing security and privacy rules.

Healthcare providers everywhere face increasingly sophisticated attacks that regularly evade legacy defenses. Coalfire, a leading HIPAA assessor, has validated the Endgame platform as HIPAA compliant. Our platform’s full stack prevention, accelerated detection and response, and automated hunting across the breadth and depth of the MITRE ATTACKTM matrix was assessed as meeting or exceeding requirements to protect patient data from state and criminal attackers. With HIPAA compliance recognized, including meeting the key technical requirements in the HIPAA Security and Privacy Rules, the Endgame platform not only protects organizations from advanced threats, but also ensures those in the health sector are also in compliance with HIPAA standards while protecting some of the world’s most sensitive data.

 

A comprehensive white paper provides additional information on the Coalfire assessment. To receive a detailed demo, reach out to demo@endgame.com