Loading controls...
Benchmark: 164.308 Administrative Safeguards
Description
An important step in protecting electronic protected health information (EPHI) is to implement reasonable and appropriate administrative safeguards that establish the foundation for a covered entity's security program. The Administrative Safeguards standards in the Security Rule, at § 164.308, were developed to accomplish this purpose.
Usage
Browse dashboards and select 164.308 Administrative Safeguards:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.hipaa_security_rule_2003_164_308Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.hipaa_security_rule_2003_164_308Benchmarks
- 164.308(a)(1)(ii)(A) Risk analysis
- 164.308(a)(1)(ii)(B) Risk management
- 164.308(a)(1)(ii)(D) Information system activity review
- 164.308(a)(3)(i) Workforce security
- 164.308(a)(3)(ii)(A) Authorization and/or supervision
- 164.308(a)(3)(ii)(B) Workforce clearance procedure
- 164.308(a)(3)(ii)(C) Termination procedures
- 164.308(a)(4)(i) Information access management
- 164.308(a)(4)(ii)(A) Isolating healthcare clearing house functions
- 164.308(a)(4)(ii)(B) Access authorization
- 164.308(a)(4)(ii)(C) Access establishment and modification
- 164.308(a)(5)(ii)(B) Protection from malicious software
- 164.308(a)(5)(ii)(C) Log-in monitoring
- 164.308(a)(5)(ii)(D) Password management
- 164.308(a)(6)(i) Security incident procedures
- 164.308(a)(6)(ii) Response and Reporting
- 164.308(a)(7)(i) Contingency plan
- 164.308(a)(7)(ii)(A) Data backup plan
- 164.308(a)(7)(ii)(B) Disaster recovery plan
- 164.308(a)(7)(ii)(C) Emergency mode operation plan
- 164.308(a)(8) Evaluation