Auditing and monitoring of inappropriate access and/or disclosure of protected health information

Collaborates with the Chief Information Security Officer regarding auditing and monitoring of employees' and business associates' inappropriate access and/or disclosure of protected health information.

Create, protect, and retain information system audit records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate information system activity. Generate audit records that establish what type of event occurred, when the event occurred, where the event occurred, the source of the event, the outcome of the event, and the identity of any individuals or subjects associated with the event. Off-load audit records onto a different system or media than the system being audited.

Analyze and correlate audit records across different repositories to gain organization-wide situational awareness. Integrate analysis of audit records with analysis of vulnerability scanning information, performance data, and monitoring information to further enhance the ability to identify inappropriate or unusual activity.

Source:
http://ecfirst.com/myecfirst/wp-content/uploads/NIST_SP800-53_QRC_2015.pdf