Barkly News
Maya Pattison
Dec 2017

Barkly Achieves Independent Validation for HIPAA Compliance


Barkly has been independently validated to assist healthcare organizations with compliance of the Health Insurance Portability and Accountability Act (HIPAA).

The validation was provided in a report by Coalfire, a leading assessor for HIPAA, HITRUST, PCI, FedRAMP and other compliance standards across the finance, government, industry, and healthcare sectors.

Title II of HIPAA, an act passed in 1996, provides regulations and guidelines for maintaining the security and privacy of individually identifiable health information. According to this independent report, “The Barkly Endpoint Protection PlatformTM demonstrated multiple capabilities including fileless attack blocking, executable blocking, and exploit blocking and performed attribute and behavioral analysis. The Barkly cloud-based software-as-a-service platform provides flexibility to manage endpoints, automatic upgrades for agents, alert configurations, manage override rules, and export incident data.” For this reason the report concludes, “All these capabilities make it an option for companies aiming to comply with HIPAA anti-malware requirements.”

According to a recent Ponemon Institute study, over half of organizations said they experienced a successful endpoint attack in 2017, with healthcare endpoint attacks totaling $1.3 billion in cost annually. The study further revealed that fileless attacks were 10x more likely to succeed than file-based attacks.

“With fileless attacks on the rise, healthcare institutions are increasingly selecting Barkly to protect their endpoints. With this report, current and prospective customers can confidently leverage Barkly’s breakthrough technology to meet HIPAA requirements.”

— Mike Duffy, CEO of Barkly

Barkly delivers the strongest, smartest protection against attacks, whether known or unknown, fileless or file-based with the Barkly Endpoint Protection PlatformTM. Barkly protects both endpoint devices and servers and is simple to manage through any desktop or mobile device.

Coalfire has determined that Barkly, with its uniquely strong, smart protection and simple management, supports compliance for the following four HIPAA requirements:

Protection from malicious software 164.308(a)(5)(ii)(B)
  • Procedures for guarding against, reporting, and detecting malicious software.

Security Incident Procedures 164.308(a)(6)(i)
  • Implement policies and procedures to address security incidents.
Response and Reporting -- R 164.308(a)(6)(ii)
  • Identify and respond to suspected or known security incidents; mitigate, to the extent practicable, harmful effects of security incidents that are known to the covered entity or business associate; and document security incidents and their outcomes.
Audit Controls - R 164.312(b)
  • Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
In addition to HIPAA compliance, many hospitals and healthcare organizations leverage NIST FICIC as a security framework for their cybersecurity posture and to address current and future computer and information security challenges. Coalfire also validated that the Barkly Endpoint Protection PlatformTM provides coverage for controls within the NIST FICIC “Detect” and “Respond” functions.
Maya Pattison

Maya Pattison

Maya is the Director of PR at Barkly. She has a strong background in media relations, crisis communication and media training. When not at the office, Maya expresses her creativity through digital photography and abstract painting.


Close the gaps in your security

See how Barkly blocks attacks other solutions miss.

See a demo


Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.