Endgame Achieves Independent Validation for HIPAA Compliance
Results confirm Endgame’s ability to protect healthcare organizations from malicious threats
ARLINGTON, VA – November 27, 2017 – Endgame, the leader in endpoint protection against targeted attacks, today announced it has been independently validated to help healthcare organizations meet compliance requirements in the Health Insurance Portability and Accountability Act (HIPAA). Endgame was evaluated by Coalfire, a leading assessor for compliance standards across the financial, government, and healthcare industries. Endgame customers benefit from the assurance that Endgame’s unified next-gen antivirus, endpoint detection and response, and threat hunting platform exceeds the security and privacy requirements established by HIPAA.
Research from Forrester identified 2017 as the year when healthcare breaches would accelerate, largely due to consolidation of major healthcare providers and explosion of highly-valuable genetic and biometric patient data. This prediction has proven to be true, with over 200 US hospitals or health providers breached in 2017 to-date. Two of the most widespread ransomware attacks this year, WannaCry and NotPetya, crippled hospitals and healthcare providers globally. As healthcare organizations witness the severity of these targeted attacks, they’ve turned to Endgame for protection against the next-generation of attackers and to meet security compliance requirements.
“Visibility and fast response across our network are critical to protecting our infrastructure,” said Matthew Witten, CISO for Martin’s Point Health Care. “Endgame’s ability to provide full-stack protection gave us the confidence to replace traditional-AV solution and give comprehensive protection at the earliest stages of the attack lifecycle.”
To validate HIPAA compliance, Coalfire tested Endgame’s coverage against malware binaries and APTs for Windows endpoints. Endgame successfully met the breadth of HIPAA security and privacy requirements including:
Protection from Malicious Software (164.308(a)(5)(ii)(B))
- Endgame implements security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level to comply with § 164.306(a): Security Standards, Administrative Safeguards.
Security Incident Procedures (164.308 (a)(6)(i))
- Endgame implements policies and procedures to address security incidents.
Response and Reporting (164.308(a)(ii))
- Endgame identifies and responds to suspected or known security incidents; mitigates, to the extent practicable, harmful effects of security incidents that are known to the covered entity or business associate; and documents security incidents and their outcomes.
Audit Controls (164.312(b)))
- Endgame implements hardware, software and/or other procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
About HIPAA Security Compliance
HIPAA is an regulatory act that passed in 1996. Title II of HIPAA provides regulations and guidelines for maintaining the security and privacy of individually identifiable health information. Compliance is mandated to all organizations defined by HIPAA as a Covered Entity, Business Associate, or Subcontractor.
Endgame's converged endpoint security platform is transforming security programs - their people, processes and technology - with the most powerful endpoint protection and simplest user experience, ensuring analysts of any skill level can stop targeted attacks before information theft. Endgame unifies prevention, detection, and threat hunting to stop known and unknown attacker behaviors at scale with a single agent. For more information, visit www.endgame.com and follow us on Twitter @EndgameInc.
YouTube: Endgame on YouTube