November 7, 2005
Beverly Healthcare Assures Sarbanes-Oxley and HIPAA Regulatory Compliance with NetIQ Solutions
Leading healthcare services provider implements NetIQ operational change control and policy compliance solutions to automate and centralize IT systems
SAN JOSE, Calif.
NetIQ Corp. (Nasdaq: NTIQ), a leading provider of integrated systems and security management solutions, today announced that Beverly Healthcare, Inc. (NYSE: BEV), a nationwide provider of long-term assisted living to the elderly and disabled, has implemented several of NetIQ’s Knowledge-Based Service Assurance solutions to help comply with Sarbanes-Oxley (SOX) and HIPAA requirements. Beverly Healthcare has deployed the NetIQ® Change Guardian™ for Active Directory, the NetIQ® VigilEnt™ Policy Center, and the NetIQ® Directory and Resource Administrator™ products to centralize its Information Technology (IT) systems to meet its change control, security management and compliance needs.
“Prior to deploying NetIQ products, we had been using manual processes to control changes, centralize policy and provide account provisioning across the enterprise,” said David Valcik, vice president of IT at Beverly Healthcare. “Now that we have implemented NetIQ’s solutions, we are able to automate and centralize many of these tasks to save money, time and valuable resources.”
Controlling & Monitoring Changes in Active Directory
Many of today’s regulations require companies not only to control change to their IT systems, but also to demonstrate that such system changes have not altered their compliance status. By deploying the Change Guardian product, Beverly Healthcare now has the ability to categorize any changes made to Active Directory by IT personnel as managed, unmanaged and high profile. By receiving real-time alerts of unauthorized or high profile changes, Beverly Healthcare can increase the security of its Active Directory environment. In addition, Beverly Healthcare can quickly provide detailed and focused audit reports at any time for auditors or management with out-of-the-box reporting templates patterned on best practices. For more information on the Change Guardian product please see the press release also issued today at http://www.netiq.com/news/releases.
Policy Creation and Education
In order to centralize policy creation, education and tracking processes, Beverly Healthcare has deployed VigilEnt Policy Center to the human resources, security and IT departments, with IT serving as the central point of review for all policies.
“VigilEnt Policy Center allows us to be very granular in the type of policy an employee sees. We are able to distribute policies down to the group the employees belong to, and ensure they understand and also comply with the policy by testing their comprehension of the information,” said Mike Niccum, systems engineer at Beverly Healthcare.
Secure Account Provisioning
Beverly Healthcare’s IT department supports more than 20,000 users at 354 nursing homes and 18 assisted living facilities nationwide. As part of its effort to centralize IT operations, Beverly Healthcare outsourced its help desk support and security functions. The outsourcer is granted access to Beverly Healthcare’s network in order to update and create user accounts and organizational units within Active Directory.
In order to ensure that account provisioning provided by the outsourcer remains in compliance with HIPAA and SOX, Beverly Healthcare has deployed the Directory and Resource Administrator product. The flexibility of the Directory and Resource Administrator product enables Beverly Healthcare to simplify its IT operations and maintain security, while relying on an outsourced provider to keep IT costs down.
“The in-house program we used previously only provided 20 percent of the capabilities that the Directory and Resource Administrator product now provides us. The process was manually intensive and took much more time to create accounts,” said Niccum. “The Directory and Resource Administrator product has allowed us to quickly and securely create and clone accounts across the entire environment, while also maintaining the audit trail of changes that HIPAA and SOX require of us.”
By deploying these key components of NetIQ’s Knowledge-Based Service Assurance solutions, Beverly Healthcare’s IT organization is now empowered with the knowledge and insight to streamline their IT department as well as comply with regulations.
“Like many of our customers, Beverly Healthcare wanted to simplify its IT operations, while meeting regulatory compliance requirements and assuring the security of data shared over the network by employees and partners,” said David Manks, senior director of Product Marketing at NetIQ. “NetIQ’s Knowledge-Based Service Assurance solutions help customers better monitor and administer their environment, manage policies and subsequently comply with regulations.”
NetIQ is a leading provider of integrated systems and security management solutions that empower IT organizations with the knowledge and ability necessary to assure IT service. NetIQ's Knowledge-Based Service Assurance products and solutions include embedded knowledge and tools to implement industry best practices and to better ensure operational integrity, manage service levels and risk, and ensure policy compliance. NetIQ's modular, best-of-breed solutions for Performance & Availability Management, Security Management, Configuration & Vulnerability Management, and Operational Change Control integrate through an open, service-oriented architecture allowing for common reporting, analytics and dashboards. For more information about NetIQ, visit www.netiq.com or call (888) 323-6768.
Copyright© 2019 Micro Focus Corporation. All Rights Reserved. Micro Focus and the Micro Focus logo are trademarks or registered trademarks of Micro Focus Corporation in the USA. All other trademarks, trade names, or company names referenced herein are used for identification only and are the property of their respective owners.