HIPAA

Summary

The Health Insurance Portability and Accountability Act of 1996 required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information. The version used in this section is the HIPAA Rules 2013 update.

Definitions

Definition	Requirements
HIPAA-164_308_a_1_ii_D. Information system activity review (required)	084. Allow transaction history queries 085. Allow session history queries
HIPAA-164_308_a_3_i. Standard: workforce security	095. Define users with privileges
HIPAA-164_308_a_3_ii_A. Authorization or supervision (addressable)	034. Manage user accounts
HIPAA-164_310_a_2_iii. Access control and validation procedures (addressable)	114. Deny access with inactive credentials 229. Request access credentials 231. Implement a biometric verification component 095. Define users with privileges
HIPAA-164_310_d_2_i. Disposal (required)	214. Allow data destruction
HIPAA-164_312_a_1. Standard: access control	229. Request access credentials 096. Set user's required privileges
HIPAA-164_312_a_2_i. Unique user identification (required)	143. Unique access credentials
HIPAA-164_312_a_2_iii. Automatic logoff (addressable)	023. Terminate inactive user sessions
HIPAA-164_312_a_2_iv. Encryption and decryption (addressable)	147. Use pre-existent mechanisms 148. Set minimum size of asymmetric encryption 149. Set minimum size of symmetric encryption 370. Use OAEP padding with RSA 371. Use GCM Padding with AES 372. Proper Use of Initialization Vector (IV)
HIPAA-164_312_b. Standard: audit controls	075. Record exceptional events in logs
HIPAA-164_312_d. Standard: person or entity authentication	229. Request access credentials 231. Implement a biometric verification component 096. Set user's required privileges
HIPAA-164_312_e_1. Standard: transmission security	255. Allow access only to the necessary ports 257. Access based on user credentials
HIPAA-164_312_e_2_i. Integrity controls (addressable)	214. Allow data destruction

Last updated

2023/09/18