Benchmark: 164.308 Administrative Safeguards
Description
An important step in strengthening the protection of health information, especially in electronic form, as well as give patients more access to their individual health information. The HIPAA Omnibus Rule is a set of final regulations that modifies the existing HIPAA rules and implements a variety of provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select 164.308 Administrative Safeguards.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.hipaa_final_omnibus_security_rule_2013_164_308
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.hipaa_final_omnibus_security_rule_2013_164_308 --share
Benchmarks
- 164.308(a)(1)(ii)(A) Risk analysis
- 164.308(a)(1)(ii)(B) Risk management
- 164.308(a)(1)(ii)(D) Information system activity review
- 164.308(a)(3)(i) Workforce security
- 164.308(a)(3)(ii)(A) Authorization and/or supervision
- 164.308(a)(3)(ii)(B) Workforce clearance procedure
- 164.308(a)(3)(ii)(C) Termination procedures
- 164.308(a)(4)(i) Information access management
- 164.308(a)(4)(ii)(A) Isolating healthcare clearing house functions
- 164.308(a)(4)(ii)(B) Access authorization
- 164.308(a)(4)(ii)(C) Access establishment and modification
- 164.308(a)(5)(ii)(B) Protection from malicious software
- 164.308(a)(5)(ii)(C) Log-in monitoring
- 164.308(a)(5)(ii)(D) Password management
- 164.308(a)(6)(i) Security incident procedures
- 164.308(a)(6)(ii) Response and reporting
- 164.308(a)(7)(i) Contingency plan
- 164.308(a)(7)(ii)(A) Data backup plan
- 164.308(a)(7)(ii)(B) Disaster recovery plan
- 164.308(a)(7)(ii)(C) Emergency mode operation plan
- 164.308(a)(8) Evaluation