Compliance Reports: Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Document created by RSA Information Design and Development on May 25, 2016. Last modified by RSA Information Design and Development on Aug 16, 2018.
Version 157
 

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) mandates that providers, health plans, clearinghouses, and their business associates establish appropriate administrative, technical, and physical safeguards to protect the privacy and security of sensitive health information.

Dependencies

The HIPAA compliance reports have the following dependencies.

                  
SA Rules:

  • Accounts Created
  • Accounts Deleted
  • Accounts Modified
  • Group Management
  • Password Changes
  • Password Changes Summary
  • User Access Revoked
  • Change in Audit Settings
  • Access To Compliance Data Details
  • Access to Compliance Data Summary
  • Admin Access to Compliance Systems Details
  • Admin Access to Compliance Systems Summary
  • User Access to Compliance Systems Details
  • User Access to Compliance Systems Summary
  • Logon Failures Details
  • Logon Failures Summary
  • Failed Escalation of Privileges Details
  • Successful Escalation Of Privileges Details
  • Failed Escalation of Privileges Summary
  • Successful Escalation of Privileges Summary

SA Lists:

  • Administrative Users
  • Compliance Data
  • Compliance Systems

App Rules:

  • account:created
  • account:deleted
  • account:modified
  • account:logon-success
  • alm:cardholder-data
  • account:logon-success
  • config:change-audit-setting
  • account:group-management
  • account:logon-failure
  • account:password-change
  • access:user-access-revoked

Citations

The HIPAA reports have the following citations.

                                                                                             
| Report Rule | Citation Number | Citation Description |
| --- | --- | --- |
| Access to Compliance Data - Detail | 164.308(a)4(ii)(B) | Access Authorization (Addressable). |
| Access to Compliance Data - Top 25 | 164.308(a)4(ii)(B) | Access Authorization (Addressable). |
| Accounts Created | 164.308(a)4(i)(C) | Access establishment and modification (Addressable). |
| Accounts Deleted | 164.308(a)4(i)(C) | Access establishment and modification (Addressable). |
| Accounts Modified | 164.308(a)4(i)(C) | Access establishment and modification (Addressable). |
| Admin Access to Compliance Systems - Detail | 164.308(a)(5)(ii)(C) | Log-in monitoring (Addressable). |
| Admin Access to Compliance Systems - Top 25 | 164.308(a)(5)(ii)(C) | Log-in monitoring (Addressable). |
| Change in Audit Settings | 164.312(B) | Standard: Audit Controls. |
| Escalation of Privileges - Detail | 164.308(a)4(i)(C) | |
| Escalation of Privileges - Top 25 | 164.308(a)4(i)(C) | |
| Group Management | 164.308(a)4(i)(C) | Access establishment and modification (Addressable). |
| Logon Failures - Detail | 164.308(a)(5)(ii)(C) | Log-in monitoring (Addressable). |
| Logon Failures - Top 25 | 164.308(a)(5)(ii)(C) | Log-in monitoring (Addressable). |
| Password Changes - Detail | 164.308(a)5(ii)(D) | Password management (Addressable). |
| Password Changes - Top 25 | 164.308(a)5(ii)(D) | Password management (Addressable). |
| User Access Revoked | 164.308(a)3(ii)(C) | Termination procedures (Addressable). |
| User Access to Compliance Systems - Detail | 164.308(a)(5)(ii)(C) | Log-in monitoring (Addressable). |
| User Access to Compliance Systems - Top 25 | 164.308(a)(5)(ii)(C) | Log-in monitoring (Addressable). |
| Account Management | 164.308(a)4(i)(C) | Access establishment and modification (Addressable). |