Case Study: GoodData achieves HIPAA compliance and tamper-proof privileged session audit trails with One Identity's Safeguard for Privileged Sessions

HIPAA Compliance at GoodData a US-Based Smart Business Application Provider

GoodData, a San Francisco–based provider of smart business applications, needed to meet HIPAA requirements for customers by delivering complete, context-rich audit trails of access to sensitive data. Because their services engineers directly access client data warehouses to build data products, GoodData sought a solution that would record SQL queries in context, prove no production data was offloaded, and provide indisputable evidence across a heterogeneous desktop environment — and selected One Identity’s Safeguard for Privileged Sessions.

One Identity deployed Safeguard for Privileged Sessions in GoodData’s Rackspace datacenter, connecting the audit node to two virtual Scientific Linux terminal servers; the full implementation took six weeks. The system now records and indexes all sessions for about 50 GoodData employees, producing tamper‑proof audit trails that enable HIPAA compliance, support quarterly audits (sampled audits have found no non‑compliance), and give regulators and customers reliable, accepted evidence of access to sensitive data.

GoodData

Tomáš Honzák

Director of Security & Compliance