ArcSight ESM Healthcare Edition Enables Healthcare Providers and Insurance Companies to Better Manage Risk, Policy and HIPAA Compliance

CUPERTINO, Calif. – March 22, 2005 – ArcSight, Inc., the global leader in Enterprise Security Management (ESM), today announced the introduction of ArcSight ESM Healthcare Edition. ArcSight ESM Healthcare Edition allows healthcare payors, providers and clearinghouses to quickly and clearly streamline security management practices for their unique environment. These practices include risk management, systems review, monitoring and incident response.  The Healthcare Edition melds ArcSight ESM’s powerful security management, reporting and workflow capabilities to the healthcare provider and insurance industries’ specific regulatory and security requirements.  

The Security Standard of the Health Insurance Portability and Accountability Act (HIPAA) is a U.S. regulation that imposes requirements for safeguarding patient health information.  These requirements include risk management, information systems activity review, incident response processes and monitoring.  ArcSight ESM Healthcare Edition’s pre-defined, healthcare-tailored best practices, policy profiles and reporting features allow overburdened IT staffs to achieve automated, intelligent and auditable security management.

“In order to achieve HIPAA compliance, we need to efficiently and comprehensively review and report on millions of security events each day,” said Tim Maletic, information services security officer for Priority Health, one of the top ten providers of health insurance plans in the nation.  “ArcSight ESM streamlines our security operations, enabling us to easily maintain a security audit trail and review information system activity - all at a reasonable cost and without additional required headcount.”

ArcSight ESM enables the collection of security log information from the entire infrastructure, including intrusion detection systems, firewalls, vulnerability assessment, router and operating system logs. ArcSight ESM Healthcare Edition reports are specifically tailored to generate HIPAA relevant statements that can be disseminated to compliance stakeholders and kept on record as proof of due diligence towards compliance with the HIPAA Security Standard. 

“ArcSight is dedicated to supporting our rapidly growing healthcare customer base as they address the challenges of maintaining security in a regulated and highly sensitive environment,” said Hugh Njemanze, chief technology officer and executive vice president of research and development at ArcSight.  “ArcSight ESM Healthcare Edition delivers automated reporting, auditing and best practices designed to help healthcare organizations to protect the confidentiality, integrity and availability of patient health data from internal and external threats.  We’re committed to providing the best solution in its class specifically tailored for a healthcare environment.”

ArcSight ESM Healthcare Edition benefits include:

• Pre-configured policy profiles to immediately and accurately recognize policy violations, threats and successful attacks to HIPAA regulated systems in real-time;
• Automated security event correlation with the most intelligent correlation engine available for streamlined compliance, risk management and incident response programs;
• The ability to identify insider threats through comprehensive data collection, increasing protection of patient health information in a HIPAA regulated environment;
• Centralized management, concrete workflow and pre-configured reports, automated risk analysis and process auditing
• Documented best practices for quickly melding ArcSight to each organization’s unique environment.

ArcSight’s healthcare customer base comprises the most security conscious healthcare-related organizations in the United States, including HealthSouth, Priority Health and the Department of Health and Human Services.

Healthcare organizations are cordially invited to attend the ArcSight/Qualys complimentary Web Seminar, entitled ”Stopping the HIPAA Security Time Drain”.  This web seminar will address universal challenges with HIPAA security compliance and introduce economical methods for minimizing the burden on healthcare IT staffs.  The web seminar will be held April 12, 2005 at 11:00 a.m. PST.  Attendees can register by visiting http://www.arcsight.com/events/webinar/HIPAA/index.html.

About ArcSight

ArcSight, Inc. is the leading provider of Enterprise Security Management (ESM) solutions. Winner of CMP’s Network Computing Editor’s Choice and Network World Best of Tests awards, and numerous other awards and recognitions, ArcSight ESM 3.0 enables enterprises to centrally manage information risk. By comprehensively collecting and analyzing security data, ArcSight ESM 3.0 provides accurate, real-time internal, external threat management and compliance reporting. ArcSight customers include companies in the Fortune top 5 of financial services, banking, telecommunications, high-technology, retail, healthcare, and biotech industries -- and more than 20 of the top 30 federal agencies.

###

For more information on ArcSight news, please contact: pr@arcsight.com