.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) mandates that providers, health plans, clearinghouses, and their business associates establish appropriate administrative, technical, and physical safeguards to protect the privacy and security of sensitive health information.
Dependencies
The HIPAA compliance reports have the following dependencies.
- SA Rules:
Accounts Created
Accounts Deleted
Accounts Modified
Group Management
Password Changes
Password Changes Summary
User Access Revoked
Change in Audit Settings
Access To Compliance Data Details
Access to Compliance Data Summary
Admin Access to Compliance Systems Details
Admin Access to Compliance Systems Summary
User Access to Compliance Systems Details
User Access to Compliance Systems Summary
Logon Failures Details
Logon Failures Summary
Failed Escalation of Privileges Details
Successful Escalation Of Privileges Details
Failed Escalation of Privileges Summary
Successful Escalation of Privileges Summary
- SA Lists:
Administrative Users
Compliance Data
Compliance Systems
- App Rules:
account:created
account:deleted
account:modified
account:logon-success
alm:cardholder-data
account:logon-success
config:change-audit-setting
account:group-management
account:logon-failure
account:password-change
access:user-access-revoked
Citations
The HIPAA reports have the following Citations.
- Report Rule: Access to Compliance Data - Detail
Access to Compliance Data - Top 25 - Citation Number: 164.308(a)4(ii)(B)
- Citation Description: Access Authorization (Addressable).
- Report Rule: Accounts Created
- Citation Number: 164.308(a)4(i)(C)
- Citation Description: Access establishment and modification (Addressable).
- Report Rule: Accounts Deleted
- Citation Number: 164.308(a)4(i)(C)
- Citation Description: Access establishment and modification (Addressable).
- Report Rule: Accounts Modified
- Citation Number: 164.308(a)4(i)(C)
- Citation Description: Access establishment and modification (Addressable).
- Report Rule: Admin Access to Compliance Systems - Detail
- Citation Number: 164.308(a)(5)(ii)(C)
- Citation Description: Log-in monitoring (Addressable).
- Report Rule: Admin Access to Compliance Systems - Top 25
- Citation Number: 164.308(a)(5)(ii)(C)
- Citation Description: Log-in monitoring (Addressable).
- Report Rule: Change in Audit Settings
- Citation Number: 164.312(B)
- Citation Description: Standard: Audit Controls.
- Report Rule: Escalation of Privileges - Detail
Escalation of Privileges - Top 25 - Citation Number: 164.308(a)4(i)(C)
- Citation Description:
- Report Rule: Group Management
- Citation Number: 164.308(a)4(i)(C)
- Citation Description: Access establishment and modification (Addressable).
- Report Rule: Logon Failures - Detail
- Citation Number: 164.308(a)(5)(ii)(C)
- Citation Description: Log-in monitoring (Addressable).
- Report Rule: Logon Failures - Top 25
- Citation Number: 164.308(a)(5)(ii)(C)
- Citation Description: Log-in monitoring (Addressable).
- Report Rule: Password Changes - Detail
Password Changes - Top 25 - Citation Number: 164.308(a)5(ii)(D)
- Citation Description: Password management (Addressable).
- Report Rule: User Access Revoked
- Citation Number: 164.308(a)3(ii)(C)
- Citation Description: Termination procedures (Addressable).
- Report Rule: User Access to Compliance Systems - Detail
- Citation Number: 164.308(a)(5)(ii)(C)
- Citation Description: Log-in monitoring (Addressable).
- Report Rule: User Access to Compliance Systems - Top 25
- Citation Number: 164.308(a)(5)(ii)(C)
- Citation Description: Log-in monitoring (Addressable).
- Report Rule: Account Management
- Citation Number: 164.308(a)4(i)(C)
- Citation Description: Access establishment and modification (Addressable).
