Auditing, Event Monitoring and Breach Protocol in UBbox

Auditing and Event Monitoring

A key part of ensuring the security of restricted data is auditing access to the data. Auditing is also a HIPAA requirement. The Splunk add-on for UBbox is hosted centrally by UBIT to provide auditing capabilities to security/privacy officials, data stewards, and their designees. Splunk will be configured to retain log files for 6 years plus 180 days, in accordance with HIPAA requirements.

All restricted data access will be logged in Splunk. For each access event, the minimum following information will be logged:

The UBITName that accessed the data
Name of the folder or file accessed
Date & time of the access
Client IP
Action taken on sensitive data folder or file

The following restricted data access events will be logged and will produce alerts (email) sent to the data stewards and Security/Privacy Officials:

A collaboration invitation was issued for a folder
Data from a folder was downloaded
A subfolder was created with a name that doesn't follow proper naming protocol

Breach Protocol

In the event of a restricted data breach, notify the Information Security Office, data steward, and security/privacy officials.

Next: Sensitive Data Life Cycle

Auditing, Event Monitoring and Breach Protocol in UBbox

On this page:

Auditing and Event Monitoring

Breach Protocol

Help

News and Alerts

About Us

Forms

IT Policies

Follow UBIT