A key part of ensuring the security of restricted data is auditing access to the data. Auditing is also a HIPAA requirement. The Splunk add-on for UBbox is hosted centrally by UBIT to provide auditing capabilities to security/privacy officials, data stewards, and their designees. Splunk will be configured to retain log files for 6 years plus 180 days, in accordance with HIPAA requirements.
All restricted data access will be logged in Splunk. For each access event, the minimum following information will be logged:
The following restricted data access events will be logged and will produce alerts (email) sent to the data stewards and Security/Privacy Officials:
In the event of a restricted data breach, notify the Information Security Office, data steward, and security/privacy officials.