The Health Insurance Portability and Accountability Act of 1996 is United States legislation that provides data privacy and security provisions for safeguarding medical information.


| Control | Description |
| --- | --- |
| 164.312(a)(1) Access Controls | Implement technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights as specified in § 164.308(a)(4). |
| 164.312(a)(2)(iv) Encryption and Decryption (Addressable) | Implement a mechanism to encrypt and decrypt electronic protected health information. |
| 164.312(b) Audit Controls | Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information. |
| 164.312(c) Integrity | Implement policies and procedures to protect electronic protected health information from improper alteration or destruction. |
| 164.312(d) Person or Entity Authentication | Implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed. |
| 164.312(e)(1) Transmission Security | Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network. |
| 164.312(e)(2)(i) Integrity Controls | Implement security measures to ensure that electronically transmitted electronic protected health information is not improperly modified without detection until disposed of. |
| 164.312(e)(2)(ii) Encryption | Implement a mechanism to encrypt electronic protected health information whenever deemed appropriate. |


To view the available compliance programs, go to Compliance in your Aqua CSPM Console and select Defaults or Custom to filter the programs displayed. You can also expand the program control details using the Expand Settings toggle.