While the time frame for the retention of Audit Logs is unclear at this
time, the bigger issue is, do you have the technical capability to monitor
your logs in real-time or with some short latency period? Have you been able
to define what constitutes a violation of your policy for access? Can you
monitor policy violations from log data? 

If you have the technical capability to reduce log data to events
(activities which may violate policy) and then investigate events and boil
them down to Incidents (activities which have violated policy and require
some focused action to remediate the events), then you may only need to
retain the Event and/or Incident data from the logs. Depending on the size
of your organization, log data from various applications, servers and network
appliances may require 100s of gigabytes of offline storage and will in
some cases require terabytes of offline storage for log data. Storage of
Events and/or Incidents may reduce your storage needs on an order of
magnitude ranging from 20 to 100.

Best to have a plan on how to capture, analyze, and reduce log data to
reportable and actionable Incidents prior to spending lots of $$ on mass
storage devices.

Contact me offline if you have additional questions.

William Sheffel
Healthcare Practice Leader
Veritect

703-851-3075
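
The log -> Event -> Incident reduction described in the message above, as an added example that is not part of the original e-mail. The log layout, the two access-policy rules and the incident threshold are assumptions made for illustration, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample audit log: timestamp, user, user's unit, record's unit, action, record id.
RAW_LOG = """\
2002-03-12T09:14:02 jdoe cardiology cardiology VIEW 1001
2002-03-12T09:15:40 jdoe cardiology cardiology VIEW 1002
2002-03-12T10:02:11 asmith billing billing VIEW 2001
2002-03-12T10:05:27 asmith billing oncology VIEW 3001
2002-03-12T10:06:03 asmith billing oncology VIEW 3002
2002-03-12T10:07:45 asmith billing oncology PRINT 3002
2002-03-12T13:30:00 mlee oncology oncology EDIT 3001
2002-03-12T23:48:19 mlee oncology oncology VIEW 3003
"""

FIELDS = ("ts", "user", "user_unit", "record_unit", "action", "record")

def parse(line):
    rec = dict(zip(FIELDS, line.split()))
    rec["ts"] = datetime.fromisoformat(rec["ts"])
    return rec

def violations(rec):
    """Assumed access policy: own-unit records only, between 06:00 and 20:00."""
    reasons = []
    if rec["user_unit"] != rec["record_unit"]:
        reasons.append("cross-unit access")
    if not 6 <= rec["ts"].hour < 20:
        reasons.append("after-hours access")
    return reasons

def to_events(raw):
    """Log data -> Events: keep only lines that may violate policy."""
    recs = ((line, parse(line)) for line in raw.splitlines())
    return [{**r, "reasons": violations(r), "raw": l} for l, r in recs if violations(r)]

def to_incidents(events, threshold=3):
    """Events -> Incidents: a threshold stands in for the analyst's investigation."""
    by_user_day = defaultdict(list)
    for ev in events:
        by_user_day[(ev["user"], ev["ts"].date())].append(ev)
    return {k: v for k, v in by_user_day.items() if len(v) >= threshold}

def retained_fraction(raw, events):
    """Share of raw log bytes that must be kept if only Event lines are retained."""
    return sum(len(e["raw"]) + 1 for e in events) / len(raw)
```

Each Event keeps its original log line, so the retained set can still be tied back to the source record after the raw log is rotated out.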

-----Original Message-----
From: Street, Bunny [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 12, 2002 1:34 PM
To: [EMAIL PROTECTED]; '[EMAIL PROTECTED]'
Subject: RE: retention of documentation


Thanks to everyone for all the responses. While I am familiar with
references in the Privacy regs, my state statutes, my own organizational
p/p's, it appears that everyone agrees that there are no references in the
security regs to documentation retention. Opinions are varied, from
likely to follow the Privacy regs... to create your own... to follow your
state, etc. Thanks again.

-----Original Message-----
From: Street, Bunny [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 12, 2002 10:22 AM
To: [EMAIL PROTECTED]; '[EMAIL PROTECTED]'
Subject: RE: retention of documentation


Although the security regs are in proposed status, is anyone aware of
references to retention requirements for documentation, such as how long
should audit information be retained? Thanks

Leslie Street
Privacy Specialist
Mountain States Health Alliance
Johnson City, TN 36704
423-431-1661
[EMAIL PROTECTED]


 

**********************************************************************
To be removed from this list, send a message to: [EMAIL PROTECTED]
Please note that it may take up to 72 hours to process your request.
