The Health Insurance Portability and Accountability Act (HIPAA) is a law passed by the United States Congress. It established rules for handling electronic Protected Health Information (ePHI), and the standard has since been updated with details on cybersecurity architecture. HIPAA applies to organizations that handle ePHI, known as "covered entities".
Link to HIPAA documentation: https://www.hhs.gov/sites/default/files/hipaa-simplification-201303.pdf
Link to download HIPAA content pack: https://cortex.marketplace.pan.dev/marketplace/details/XSIAMCompliance_HIPAA/
HIPAA Requirement | Widget Name | Description |
---|---|---|
HIPAA 164.312 (a) (1): Access control | Access Control | Implement policies and procedures to monitor access to systems. Use this widget to query login events. |
HIPAA 164.312 (d): Person or entity authentication, HIPAA 164.312 (a) (2): Unique user identification | Identify | Implement policies and procedures to monitor the identity of users, devices, and processes. Use this widget to query targeted clients. |
HIPAA 164.308 (a) (1) (i) (C): Apply sanction policy when members fail to comply | Policy/Config Management | Implement policies and procedures to monitor and maintain secure configurations. Use this widget to query host application versions. |
HIPAA 164.306 (a) (2): Threat Protection, HIPAA 164.308 (a) (6) (i): Identify/respond to known security incidents | Threat Protection/Incident Response | Implement policies and procedures to detect, respond to, and recover from security incidents. Use this widget to query incidents. |
HIPAA 164.308 (a) (1) (i) (B): Reduce risks and vulnerabilities | Vulnerability Management | Implement policies and procedures to monitor systems and services. Use this widget to query host application versions. |
HIPAA 164.308 (a) (7) (i) (A): Data backup plan, HIPAA 164.308 (a) (7) (i) (B): Data recovery plan | Planning | Implement policies and procedures to manage cybersecurity products. Use this widget to query update history. |
HIPAA 164.308 (a) (1) (i) (D): Regularly review audit logs, HIPAA 164.312 (b): Audit controls | Audit Controls | Implement policies and procedures to monitor, record, and review system activities. Use this widget to query active directory information. |
HIPAA 164.308 (a) (1) (i) (A): Identify risks and vulnerabilities | Risk Assessment | Implement policies and procedures to identify, assess, and mitigate risks to data. Use this widget to query browser versions. |
HIPAA 164.312 (c) (1): Implement policies or procedures to protect PHI, HIPAA 164.306 (a) (1): Validate confidentiality and integrity of PHI | PII/PHI/Data Access | Implement policies and procedures to limit access to PII. Use this widget to query outbound requests. |
HIPAA 164.308 (a) (4) (i) (A): Isolate health care clearinghouse functions | Physical Protections | Implement policies and procedures to protect physical assets and facilities. Use this widget to query hosts with USB plug-in events. |
HIPAA 164.312 (e) (1): Transmission security | Transmission/Network Security | Implement policies and procedures to protect and monitor communications channels. Use this widget to monitor top triggered network rules. |
Requirements
This compliance pack pulls information from Cortex XSIAM that has been ingested and mapped to the following data sources. For the dashboards and reports to function properly, these sources must have ingested data.
V1 required data source(s): XDM
V2 required data source(s): xdr_data, host_inventory, endpoints, incidents, pan_ngfw_traffic_raw