SOURCE: Symantec Corporation

Symantec Corporation

February 21, 2012 08:00 ET

Symantec and FairWarning Help Assure Compliance With Federal and State Privacy Healthcare Laws

MOUNTAIN VIEW, CA--(Marketwire - Feb 21, 2012) - Symantec Corp. (NASDAQ: SYMC) today announced new integration of Symantec Security Information Manager (SSIM) with FairWarning®'s Privacy Breach Detection to streamline the end-to-end security and privacy compliance-auditing, reporting and investigation processes. This integration helps organizations comply with global, federal and state privacy healthcare laws by monitoring and alerting the organization to inappropriate access of patient records and correlating the alerts on the healthcare application level with IT infrastructure security events.

Click to Tweet: Comprehensive security and compliance solution helps companies comply w/ federal/state privacy healthcare laws:

"With the advent and proliferation of electronic health records (EHRs), patient privacy breaches have become a major concern to patients and healthcare providers alike," said Doug Havas, vice president, Symantec Healthcare. "Through our collaboration with FairWarning, we are able to offer our customers certified collectors that log and analyze both applications and infrastructure related events. Both are critical in protecting the privacy of and access to healthcare information."

The integration of SSIM and FairWarning allows healthcare organizations to centralize and automate both application-level and infrastructure level security compliance and monitoring efforts. Additionally, the solution provides staff-specific portals as part of an overall proactive security and privacy monitoring solution.

Privacy violations and events at the level of the clinical application are sent directly to FairWarning for correlation and incident identification. Identified incidents are then displayed on the dashboard for use by the Privacy staff and administration, a copy of the incident is forwarded to the SSIM for correlation against infrastructure security and event logs. Alert triggers can be established to alert specified personnel upon the identification of an identified incident.

"We know from recent surveys FairWarning has conducted that patients' lack of trust in the privacy and security of their electronic health records directly impacts treatment outcomes," said Shane Whitlatch, Executive Vice President, FairWarning. "By layering FairWarning's Privacy Breach Detection with Symantec Security Information Manager, healthcare providers can protect the privacy of, and access to, healthcare information more broadly with both applications and infrastructure related events monitored, which, in turn, can ease patients' concerns in both areas."

The secure collection and correlation of security event data between the applications and FairWarning enables a more automated approach to compliance auditing and reporting, thus increasing efficiency and reducing audit preparation efforts.

The SSIM console is designed to help reduce the resources required to manually correlate network infrastructure logs with incident logs from electronic health record (EHR) applications. It also helps reduce the time and effort required to complete an end-to-end patient privacy investigation by rapidly enabling a deeper security inspection of both application and infrastructure logs associated with the users involved in the privacy incidents.

The integration of SSIM with FairWarning gives organizations a unified platform for integrating both network infrastructure and healthcare application security event logs. This combination reduces management costs, increases privacy compliance, and automates auditing and reporting processes. This solution provides complete support for all compliance regulations, including the following:

North America:

  • Privacy and Security Provisions Outlined in ARRA HITECH
  • California SB 541, AB 211 & SB 850
  • Texas HB 300
  • Canadian provincial healthcare privacy laws


  • UK Caldicott Guardian Act
  • UK Data Protection Act
  • Information Governance Toolkit
  • EU Data Protection Directive
  • France Health Information Systems Security Directive
  • Netherlands NEN 75-10 and NEN 75-13

Since SSIM and FairWarning installations do not interfere with existing network configurations or applications, the solution can be rapidly deployed in most environments. And unlike single sign-on systems or strong authentication schemes, SSIM/FairWarning does not interfere with the natural workflow of healthcare workers.

The SSIM/FairWarning integration improves current privacy and security measures, while also providing a solid framework for enhanced network monitoring capability and future changes in regulatory requirements.


Connect with Symantec

About FairWarning, Inc.
FairWarning® is the inventor and world's leading supplier of cross-platform healthcare privacy auditing solutions for Electronic Health Records. FairWarning® proactively protects healthcare organizations from emerging legal and privacy threats, which include medical identity theft, identity theft, and other forms of healthcare information crimes. FairWarning® is industry's leading best practice solution for automating privacy auditing. The company is located in St. Petersburg, Florida, USA, with offices in London, U.K. and Paris, France. To learn more, please or call U.S. +1 727 576 6700.

About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Contact Information