SAN FRANCISCO, Dec. 3, 2004 -- SenSage today announced that Noridian, also known as Blue Cross/Blue Shield of North Dakota, has implemented SenSage's comprehensive Security Information Management (SIM) solution to protect patient information in accordance with the mandates of the Health Insurance Portability and Accountability Act (HIPAA). Like all publicly held healthcare organizations including hospitals, medical groups and insurers, Noridian is subject to the HIPAA audit control requirements. These stringent requirements demand that companies collect, retain, and regularly review all security event data regarding the use of patient health information. After a rigorous evaluation of several solutions, Noridian chose to work with SenSage because of its well-architected solution for comprehensive historical analysis.

"Our goal was to automate the collection and analysis of all network access events to our patient health information and store the massive volumes of data online for six months," said Troy Aswege, Assistant Vice President of Information Services for Noridian. "Of all the vendors we researched, SenSage had the unique ability to capture and store data from all of the sources we needed, and help us quickly identify any anomalies. Using SenSage, we can now better identify security violations that might occur over time, which provides us with both critical insight and a strategic tool for HIPAA compliance."

In developing its HIPAA Analytics solution, SenSage reviewed patient health information security requirements, identified the sources from which an organization should collect data, built the log adapters to retrieve the data, and created pre-formatted audit reports. Noridian's SenSage implementation collects log from sources as diverse as Peoplesoft, Red Hat, Novell, Websense, Serena, Sun, Bluestar, Thor and others. These logs cover system end user activity and include third party, as well as in-house developed applications. The system processes over 54 different log types and collects over 2 Gigabytes each day.

"While HIPAA specifically requires log analysis, it gives no guidance for implementation. Using SenSage's HIPAA Analytics solution, healthcare companies are provided with tools that enables them to quickly get up and running with a comprehensive solution for meeting the audit control requirements of HIPAA, while also instituting best business practices in security risk management," said Jim Pflaging, President and CEO of SenSage.

To learn more about complying with HIPAA and get an overview of SenSage's HIPAA Analytics Package, you can attend a webinar on December 8, 2004 at 11 am Pacific Standard time. During the webinar, Jesse Bowen, a security expert with Accenture, will provide an overview of the audit control requirements and an approach for implementing a log management solution to meet them. Troy Aswege of Noridian will review a case study of his organization's SenSage implementation and Jim Pflaging, CEO of SenSage, will discuss the SenSage HIPAA Analytics Solution. To register, please visit http://www.sensage.com .

About SenSage

SenSage, (formerly known as Addamark Technologies) is a leading provider of security risk management solutions that combine advanced enterprise log data management with real-time event detection. With enterprise logs emerging as critical data for detecting and tracking system activity, SenSage's products directly address the growing threats of insider abuse and stolen intellectual property, streamline security operations and ensure compliance with corporate and government policies such as FFIEC, HIPAA, Sarbanes-Oxley and NISPOM. SenSage is architected with unique compression technology to facilitate the safe, long-term online storage of massive volumes of log d ata -- enabling rapid querying and better visibility into security threats and simplified compliance with regulatory mandates. For more information, please visit http://www.sensage.com .

SenSage and the SenSage Logo are trademarks of SenSage, Inc. in the United States and other countries.

SOURCE SenSage, Inc.

Web Site: http://www.sensage.com