November 7, 2005

Beverly Healthcare Assures Sarbanes-Oxley and HIPAA Regulatory Compliance with NetIQ Solutions

Leading healthcare services provider implements NetIQ operational change control and policy compliance solutions to automate and centralize IT systems

Press Release

SAN JOSE, Calif.

NetIQ Corp. (Nasdaq: NTIQ), a leading provider of integrated systems and security management solutions, today announced that Beverly Healthcare, Inc. (NYSE: BEV), a nationwide provider of long-term assisted living to the elderly and disabled, has implemented several of NetIQ’s Knowledge-Based Service Assurance solutions to help comply with Sarbanes-Oxley (SOX) and HIPAA requirements. Beverly Healthcare has deployed the NetIQ® Change Guardian™ for Active Directory, the NetIQ® VigilEnt™ Policy Center, and the NetIQ® Directory and Resource Administrator™ products to centralize its Information Technology (IT) systems to meet its change control, security management and compliance needs.

“Prior to deploying NetIQ products, we had been using manual processes to control changes, centralize policy and provide account provisioning across the enterprise,” said David Valcik, vice president of IT at Beverly Healthcare. “Now that we have implemented NetIQ’s solutions, we are able to automate and centralize many of these tasks to save money, time and valuable resources.”

Controlling & Monitoring Changes in Active Directory

Many of today’s regulations require companies not only to control change to their IT systems, but also to demonstrate that such system changes have not altered their compliance status. By deploying the Change Guardian product, Beverly Healthcare now has the ability to categorize any changes made to Active Directory by IT personnel as managed, unmanaged and high profile. By receiving real-time alerts of unauthorized or high profile changes, Beverly Healthcare can increase the security of its Active Directory environment. In addition, Beverly Healthcare can quickly provide detailed and focused audit reports at any time for auditors or management with out-of-the-box reporting templates patterned on best practices. For more information on the Change Guardian product please see the press release also issued today at

Policy Creation and Education

In order to centralize policy creation, education and tracking processes, Beverly Healthcare has deployed VigilEnt Policy Center to the human resources, security and IT departments, with IT serving as the central point of review for all policies.

“VigilEnt Policy Center allows us to be very granular in the type of policy an employee sees. We are able to distribute policies down to the group the employees belong to, and ensure they understand and also comply with the policy by testing their comprehension of the information,” said Mike Niccum, systems engineer at Beverly Healthcare.

Secure Account Provisioning

Beverly Healthcare’s IT department supports more than 20,000 users at 354 nursing homes and 18 assisted living facilities nationwide. As part of its effort to centralize IT operations, Beverly Healthcare outsourced its help desk support and security functions. The outsourcer is granted access to Beverly Healthcare’s network in order to update and create user accounts and organizational units within Active Directory.

In order to ensure that account provisioning provided by the outsourcer remains in compliance with HIPAA and SOX, Beverly Healthcare has deployed the Directory and Resource Administrator product. The flexibility of the Directory and Resource Administrator product enables Beverly Healthcare to simplify its IT operations and maintain security, while relying on an outsourced provider to keep IT costs down.

“The in-house program we used previously only provided 20 percent of the capabilities that the Directory and Resource Administrator product now provides us. The process was manually intensive and took much more time to create accounts,” said Niccum. “The Directory and Resource Administrator product has allowed us to quickly and securely create and clone accounts across the entire environment, while also maintaining the audit trail of changes that HIPAA and SOX require of us.”

By deploying these key components of NetIQ’s Knowledge-Based Service Assurance solutions, Beverly Healthcare’s IT organization is now empowered with the knowledge and insight to streamline their IT department as well as comply with regulations.

“Like many of our customers, Beverly Healthcare wanted to simplify its IT operations, while meeting regulatory compliance requirements and assuring the security of data shared over the network by employees and partners,” said David Manks, senior director of Product Marketing at NetIQ. “NetIQ’s Knowledge-Based Service Assurance solutions help customers better monitor and administer their environment, manage policies and subsequently comply with regulations.”

About NetIQ

NetIQ is a leading provider of integrated systems and security management solutions that empower IT organizations with the knowledge and ability necessary to assure IT service. NetIQ's Knowledge-Based Service Assurance products and solutions include embedded knowledge and tools to implement industry best practices and to better ensure operational integrity, manage service levels and risk, and ensure policy compliance. NetIQ's modular, best-of-breed solutions for Performance & Availability Management, Security Management, Configuration & Vulnerability Management, and Operational Change Control integrate through an open, service-oriented architecture allowing for common reporting, analytics and dashboards. For more information about NetIQ, visit or call (888) 323-6768.

Let's Talk

Welcome, Want to talk to someone? Call our Sales team or request a call and we'll get right back to you.

  • Sales: (888) 323-6768

For support information, please visit Technical Support.

Amy Sachrison
Media and Analyst Relations

Phone: (713) 418-5368