ArcSight enabled Capital BlueCross
to take a comprehensive approach to
log aggregation, monitoring and
incidence response - and thereby
comply with the HIPAA Security
Standard.
Business
Challenge:
The health insurance company needed
to review and report on millions of
events per day without having to
acquire additional headcount.
Additionally, it needed to protect
customer data and demonstrate
compliance with regulatory
requirements like HIPAA and those
mandated by the BlueCross and Blue
Shield Association.
Solution:
Capital BlueCross is now able to
automatically collect event data,
place it in a central repository and
intelligently transform millions of
random log events into a meaningful
picture of real security incidents,
all in a reasonable amount of time.
The company is also leveraging the
ArcSight ISO-17799 reporting module
created for the healthcare industry
that features out-of-the-box rules
mapped directly to the HIPAA
standard.
Benefits:
"Our investment in ArcSight gives us
the power to quickly discover
security threats and better protect
our customers," says Kent Podvin,
director of IT at Capital BlueCross.
"But just as important, it allows us
to do this with fewer internal
resources and with minimal impact on
staffing."
Click here to get more information about ArcSight.
