HIPAA & Network Security for Windows Active Directory

Secure your organization’s network for HIPAA compliance.


New revisions to federal privacy and security regulations (the HIPAA Omnibus Final Rule) are now in place, with full effect from September 23rd. They concern the necessary safeguards for protected health information and stem from changes made under the Health Information Technology for Economic and Clinical Health (HITECH) Act.

HITECH brings additional compliance standards to healthcare organizations for securing electronic health records (EHR).

Understanding HIPAA and Health Information Privacy

The HIPAA Privacy rule provides federal protections for individually identifiable health information held by covered entities and their business associates and gives patients an array of rights with respect to that information.

To help with the new revisions, the American Medical Association recently published a toolkit that helps organizations understand and comply with the new rules.

Safeguarding all Patient Data

Any healthcare organization that stores, processes or transmits personal health information (PHI) is therefore required to comply with the Health Insurance Portability and Accountability Act (HIPAA) and safeguard all protected data.

HIPAA regulations do not mandate particular security technologies. They specify a set of principles that should guide an organization’s technology choice.

HIPAA Network Security

When it comes to securing a Microsoft Windows and Active Directory network, organizations should look to safeguard and secure their Windows infrastructure, beyond what’s available in native Windows security controls.

Specific but important gaps do exist in native Windows functionality that organizations across all sectors have to address.

How IS Decisions helps organizations meet HIPAA / HITECH requirements

IS Decisions provides network security software to solve these challenges. It helps prevent security breaches and ensure HIPAA compliance by protecting data and information contained within the network from authorized users (or those with whom they share their logins), and helps towards ensuring that unauthorized access to a network is no longer a possibility.

1. UserLock provides visibility and control of all employee access to a network and the data contained within.


With UserLock you can set and enforce granular login restrictions that:

  • Prevent concurrent logins to ensure that access to data is attributed to individual employees. Limiting concurrent logins helps stop users from sharing their passwords and stops rogue users from using valid credentials at the same time as their legitimate owner.
  • Restrict user access to the network based on multiple criteria including workstation access and usage/connection time.

2. FileAudit protects all file servers in a Windows environment by monitoring, archiving and reporting on all access to files and folders.


With FileAudit you can:


Best in class security around network and file access

Together UserLock and FileAudit can allow you to see the details of every user connecting to your network and the files or folders they are accessing.

By enabling organizations to enhance network security far beyond what native Windows functionality provides and by offering extensive reporting and auditing, organizations can rely on UserLock and FileAudit to help ensure compliance with HIPAA regulatory audits.

What’s more, both UserLock and FileAudit are remarkably simple to install and easy to use.

Find out for yourself with our FREE 30-Day Trial.



Chris Bunn is the Directeur Général Adjoint of IS Decisions, a global cybersecurity software company, specializing in access management and multi-factor authentication for Microsoft Active Directory environments and the cloud.
