Loading controls...
Benchmark: 164.314(b)(2) Implementation specifications
Description
The plan documents of the group health plan must be amended to incorporate provisions to require the plan sponsor to?
Usage
Browse dashboards and select 164.314(b)(2) Implementation specifications:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.hipaa_final_omnibus_security_rule_2013_164_314_b_2Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.hipaa_final_omnibus_security_rule_2013_164_314_b_2Controls
- CloudTrail trail logs should be encrypted with KMS CMK
- DynamoDB Accelerator (DAX) clusters should be encrypted at rest
- DynamoDB table should have encryption enabled
- Attached EBS volumes should have encryption enabled
- EBS default encryption should be enabled
- EKS clusters should be configured to have kubernetes secrets encrypted using KMS
- ELB classic load balancers should only use SSL or HTTPS listeners
- ES domain encryption at rest should be enabled
- Elasticsearch domain node-to-node encryption should be enabled
- OpenSearch domains should have encryption at rest enabled
- OpenSearch domains should use HTTPS
- OpenSearch domains node-to-node encryption should be enabled
- RDS DB instance encryption at rest should be enabled
- RDS DB snapshots should be encrypted at rest
- Redshift cluster encryption in transit should be enabled
- AWS Redshift clusters should be encrypted with KMS
- Redshift clusters should prohibit public access
- S3 bucket default encryption should be enabled
- S3 bucket default encryption should be enabled with KMS
- S3 buckets should enforce SSL
- S3 buckets should prohibit public read access
- S3 buckets should prohibit public write access
- S3 public access should be blocked at account level
- SageMaker endpoint configuration encryption should be enabled
- SageMaker notebook instance encryption should be enabled
- VPC should be configured to use VPC endpoints