Benchmark: 164.308(a)(1)(ii)(A) Risk analysis
Description
Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the covered entity or business associate.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select 164.308(a)(1)(ii)(A) Risk analysis.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_a
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_a --share
Controls
- At least one enabled trail should be present in a region
- AWS Config should be enabled
- GuardDuty should be enabled