SentinelOne Helps Healthcare Organizations Comply with HIPAA - SentinelOne

SentinelOne Helps Healthcare Organizations Comply with HIPAA

SentinelOne® has retained Tevora, a security and risk management consulting firm and a reputable HITRUST Assessor, to conduct an independent, in-depth evaluation of SentinelOne’s anti-malware Endpoint Protection, Detection, and Response Platform (SentinelOne Singularity™ Platform) and software against HIPAA Security Rule requirements 164.308(a)(1), 164.308(a)(5)(ii)(B), and 164.308(a)(6)(ii).

The evaluation covers the SentinelOne Singularity Platform and how it dynamically prevents, detects, and responds to cyberattacks. The full report outlines the specific ways in which the SentinelOne Singularity™ Platform can bring organizations in line with HIPAA’s malware protection and security event response and reporting requirements.

How Does SentinelOne Help Customers Meet HIPAA Requirements?

Requirement 164.308(a)(1): Policies and procedures to prevent, detect, contain and correct security violations.

How SentinelOne Helps: The SentinelOne Singularity Platform prevents, detects, contains, analyzes, remediates, and rolls back security violations associated with malware attacks occurring on covered endpoints.

Requirement 164.308(a)(5)(ii)(B): Procedures for guarding against, detecting, and reporting malicious software.

How SentinelOne Helps: The SentinelOne Singularity Platform is available on Windows, Mac, Linux, and Kubernetes containerized workloads, includes anti-tamper capabilities, preferred configuration for management console hosting, and robust threat prevention, detection, and reporting via the SentinelOne Singularity Platform’s management console. The SentinelOne Singularity Platform integrates with SIEM solutions via our Singularity Marketplace integrations to enable supplemental log aggregation and alerting.

Requirement 164.308(a)(6)(ii): Identify and respond to suspected or known security incidents; mitigate, to the extent practicable, harmful effects of security incidents that are known to the covered entity or business associate; and document security incidents and their outcomes.

How SentinelOne Helps: The SentinelOne Singularity Platform identifies both previously known and unknown malware. Once malware is detected, it is automatically quarantined, removed, and the hash of the virus can be saved as a policy blacklist. The SentinelOne Singularity Platform allows generating a report summarizing the threats and actions for remediation.

Tevora’s Conclusion

Tevora attests that the SentinelOne Singularity Platform meets the intents of prevention, detection, remediation, and reporting requirements covered by the HIPAA Security Rule and HITECH when properly configured. Furthermore, it aligns with HIPAA’s Security Rule Requirements §164.308(a)(1), §164.308(a)(5)(ii)(B) and 164.308(a)(6)(ii) for security violations and incidents, and malware protection. Testing verified that the SentinelOne Singularity Platform is capable of identifying, isolating, and resolving threats posed by malware and maintains accurate log information on said events.The SentinelOne Singularity Platform gives insight into endpoint activity down to the file-level and can be configured to alert depending on specific user or machine behaviors. With verbose log capabilities, configurable system scans, anti-tamper mechanisms, and hundreds of Singularity Marketplace integrations with SIEM and other information security solutions, the SentinelOne Singularity Platform meets all HIPAA requirements relevant to endpoint controls.


To dive into how the SentinelOne Singularity Platform addresses each applicable HIPAA requirement, download the full report.