HIPAA - Compliance - Cortex - Cortex

Compliance Dashboards and Reports

Product
Cortex
Creation date
2023-11-22
Last date published
2024-09-25
Category
Compliance
hipaa_compliance_dashboard.png

The Health Insurance Portability and Accountability Act (HIPAA) was a law passed by the United States Congress. The law created rules pertaining to electronic Protected Health Information (ePHI). In more recent times the standard has been updated to include details on cybersecurity architecture. HIPAA applies to organizations who interact with ePHI known as “covered entities”.

Link to HIPAA documentation: https://www.hhs.gov/sites/default/files/hipaa-simplification-201303.pdf

Link to download HIPAA content pack: https://cortex.marketplace.pan.dev/marketplace/details/XSIAMCompliance_HIPAA/

HIPAA

Widget Name

Description

HIPAA 164.312 (a) (1): Access control

Access Control

Implement policies and procedures to monitor access to systems. Use this widget to query login events.

HIPAA 164.312 (d): Person or entity authentication, HIPAA 164.312 (a) (2): Unique user identification

Identify

Implement policies and procedures to monitor the identity of users, devices, and processes. Use this widget to query targeted clients.

HIPAA 164.308 (a) (1) (i) (C): Apply sanction policy when members fail to comply

Policy/Config Management

Implement policies and procedures to monitor and maintain secure configurations. Use this widget to query host application versions.

HIPAA 164.306 (a) (2): Threat Protection, HIPAA 164.308 (a) (6) (i): Identify/respond to known security incidents

Threat Protection/Incident Response

Implement policies and procedures to detect, respond to, and recover from security incidents. Use this widget to query incidents.

HIPAA 164.308 (a) (1) (i) (B): Reduce risks and Vulnerabilities

Vulnerability Management

Implement policies and procedures to monitor systems and services. Use this widget to query host application versions.

HIPAA 164.308 (a) (7) (i) (A): Data backup plan, HIPAA 164.308 (a) (7) (i) (B): Data recovery plan

Planning

Implement policies and procedures to manage cybersecurity products. Use this widget to query update history.

HIPAA 164.308 (a) (1) (i) (D): Regularly review audit logs, HIPAA 164.312 (b): Audit controls

Audit Controls

Implement policies and procedures to monitor, record, and review system activities. Use this widget to query active directory information.

HIPAA 164.308 (a) (1) (i) (A): Identify risks and Vulnerabilities

Risk Assessment

Implement policies and procedures to identify, assess, and mitigate risks to data. Use this widget to query browser versions.

HIPAA 164.312 (c) (1): Implement policies or procedures to protect PHI, HIPAA 164.306 (a) (1) : Validate confidentiality and integrity of PHI

PII/PHI/Data Access

Implement policies and procedures to limit access to PII. Use this widget to query outbound requests.

HIPAA 164.308 (a) (4) (i) (A): Isolate health care clearinghouse functions

Physical Protections

Implement policies and procedures to protect physical assets and facilities. Use this widget to hosts with USB plug-in events.

HIPAA 164.312 (e) (1): Transmission security

Transmission/Network Security

Implement policies and procedures to protect and monitor communications channels. Use this widget to monitor top triggered network rules.

V1 required data source(s): XDM

V2 required data source(s): xdr_data, host_inventory, endpoints, incidents, pan_ngfw_traffic_raw

Requirements

This compliance pack pulls information from Cortex XSIAM that has been ingested and mapped to the following data sources. In order for the dashboards and reports to function properly it is important that these sources have ingested data.