{"id": "hipaa", "policy": "hipaa", "title": "Health Insurance Portability and Accountability Act (HIPAA)", "source": "https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164?toc=1", "definition_location": "/aptdata/openscap/scap-security-guide/controls/hipaa.yml", "controls": [{"id": "164.308(a)(1)(ii)(B)", "levels": ["required"], "notes": "", "title": "Risk management", "description": "Implement security measures sufficient to reduce risks and vulnerabilities to a\nreasonable and appropriate level to comply with \u00a7 164.306(a).", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "disable_ctrlaltdel_reboot", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "dconf_db_up_to_date", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "no_direct_root_logins", "grub2_admin_username", "no_empty_passwords"], "controls": []}, {"id": "164.308(a)(1)(ii)(D)", "levels": ["required"], "notes": "", "title": "Information system activity review", "description": "Implement procedures to regularly review records of information system activity, such as audit logs, access\nreports, and security incident tracking reports.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_fedora_gpgkey_installed", "audit_rules_dac_modification_fchmodat2", "audit_rules_dac_modification_fchown", "audit_rules_unsuccessful_file_modification_renameat", "audit_rules_mac_modification_usr_share", "audit_rules_time_watch_localtime", "ensure_gpgcheck_never_disabled", "audit_rules_usergroup_modification_opasswd", "selinux_confinement_of_daemons", "audit_rules_privileged_commands_postqueue", "service_auditd_enabled", "audit_rules_dac_modification_fremovexattr", "package_audit_installed", "audit_rules_usergroup_modification_passwd", "audit_rules_time_stime", "audit_rules_privileged_commands_unix2_chkpwd", "sebool_selinuxuser_execmod", "audit_rules_dac_modification_fchmodat", "audit_rules_dac_modification_lchown", "audit_rules_execution_chcon", "audit_rules_unsuccessful_file_modification_openat", "audit_rules_time_adjtimex", "audit_rules_unsuccessful_file_modification_rename", "audit_rules_execution_setsebool", "audit_rules_unsuccessful_file_modification_openat_o_creat", "ensure_suse_gpgkey_installed", "audit_rules_unsuccessful_file_modification_open_rule_order", "sebool_selinuxuser_execstack", "audit_rules_dac_modification_fsetxattr", "rpm_verify_permissions", "audit_rules_time_settimeofday", "audit_rules_session_events_wtmp", "audit_rules_sysadmin_actions", "package_audit-audispd-plugins_installed", "audit_rules_privileged_commands_umount", "audit_rules_unsuccessful_file_modification_truncate", "audit_rules_dac_modification_lsetxattr", "audit_rules_unsuccessful_file_modification_open_o_creat", "audit_rules_privileged_commands_ssh_keysign", "audit_rules_unsuccessful_file_modification_open_by_handle_at", "ensure_almalinux_gpgkey_installed", "ensure_gpgcheck_repo_metadata", "sysctl_kernel_exec_shield", "ensure_gpgcheck_globally_activated", "sysctl_fs_suid_dumpable", "grub2_audit_argument", "audit_rules_file_deletion_events_renameat", "audit_rules_dac_modification_lremovexattr", "audit_rules_time_clock_settime", "audit_rules_kernel_module_loading_init", "audit_rules_immutable", "audit_rules_media_export", "audit_rules_usergroup_modification_gshadow", "audit_rules_unsuccessful_file_modification_creat", "audit_rules_dac_modification_chown", "audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order", "audit_rules_unsuccessful_file_modification_openat_o_trunc_write", "audit_rules_unsuccessful_file_modification_open_o_trunc_write", "audit_rules_privileged_commands_sudoedit", "audit_rules_kernel_module_loading_delete", "audit_rules_privileged_commands_crontab", "audit_rules_unsuccessful_file_modification_open", "coreos_audit_option", "rsyslog_remote_loghost", "audit_rules_file_deletion_events_rename", "audit_rules_unsuccessful_file_modification_unlinkat", "encrypt_partitions", "selinux_policytype", "ensure_gpgcheck_local_packages", "audit_rules_privileged_commands_postdrop", "audit_rules_networkconfig_modification", "audit_rules_file_deletion_events_unlink", "sebool_selinuxuser_execheap", "audit_rules_session_events_btmp", "audit_rules_usergroup_modification_shadow", "rpm_verify_hashes", "sysctl_kernel_randomize_va_space", "audit_rules_privileged_commands_chsh", "audit_rules_session_events_utmp", "audit_rules_execution_semanage", "audit_rules_dac_modification_chmod", "audit_rules_login_events_tallylog", "audit_rules_privileged_commands_passwd", "audit_rules_mac_modification", "coreos_enable_selinux_kernel_argument", "audit_rules_privileged_commands_unix_chkpwd", "audit_rules_dac_modification_fchmod", "audit_rules_file_deletion_events_rmdir", "grub2_enable_selinux", "audit_rules_privileged_commands_pam_timestamp_check", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat", "audit_rules_dac_modification_removexattr", "auditd_audispd_syslog_plugin_activated", "selinux_state", "audit_rules_login_events_lastlog", "audit_rules_privileged_commands_su", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write", "audit_rules_dac_modification_fchownat", "auditd_data_retention_flush", "audit_rules_usergroup_modification_group", "audit_rules_system_shutdown", "audit_rules_unsuccessful_file_modification_unlink", "audit_rules_execution_restorecon", "service_kdump_disabled", "audit_rules_privileged_commands_sudo", "audit_rules_privileged_commands_userhelper", "audit_rules_privileged_commands_chage", "audit_rules_login_events_faillock", "audit_rules_file_deletion_events_unlinkat", "audit_rules_dac_modification_setxattr", "audit_rules_unsuccessful_file_modification_ftruncate", "audit_rules_file_deletion_events_renameat2", "audit_rules_unsuccessful_file_modification_openat_rule_order", "ensure_redhat_gpgkey_installed", "audit_rules_privileged_commands_gpasswd", "sysctl_kernel_dmesg_restrict", "audit_rules_privileged_commands_newgrp", "audit_rules_kernel_module_loading_finit"], "controls": []}, {"id": "164.308(a)(3)", "levels": ["base"], "notes": "", "title": "Workforce security", "description": "Implement policies and procedures to ensure that all members of its workforce have appropriate access to electronic protected health information, as provided under paragraph (a)(4) of this section, and to prevent those workforce members who do not have access under paragraph (a)(4) of this section from obtaining access to electronic protected health information.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_kdump_disabled", "sysctl_kernel_exec_shield", "selinux_confinement_of_daemons", "coreos_enable_selinux_kernel_argument", "sebool_selinuxuser_execheap", "sebool_selinuxuser_execmod", "sysctl_kernel_dmesg_restrict", "sysctl_fs_suid_dumpable", "grub2_enable_selinux", "selinux_state", "selinux_policytype", "sysctl_kernel_randomize_va_space", "sebool_selinuxuser_execstack"], "controls": []}, {"id": "164.308(a)(3)(i)", "levels": ["addressable"], "notes": "", "title": "Standard: Workforce security", "description": "Implement policies and procedures to ensure that all members of its workforce have appropriate access to electronic protected health information, as provided under paragraph (a)(4) of this section, and to prevent those workforce members who do not have access under paragraph (a)(4) of this section from obtaining access to electronic protected health information.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_usb-storage_disabled", "service_autofs_disabled", "coreos_nousb_kernel_argument"], "controls": []}, {"id": "164.308(a)(3)(ii)(A)", "levels": ["required"], "notes": "", "title": "Authorization and/or supervision (Addressable)", "description": "Implement procedures for the authorization and/or supervision of workforce members who work with electronic protected health information or in locations where it might be accessed.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_dac_modification_fchmodat2", "audit_rules_dac_modification_fchown", "audit_rules_unsuccessful_file_modification_renameat", "audit_rules_mac_modification_usr_share", "audit_rules_time_watch_localtime", "audit_rules_usergroup_modification_opasswd", "audit_rules_privileged_commands_postqueue", "audit_rules_dac_modification_fremovexattr", "audit_rules_usergroup_modification_passwd", "coreos_nousb_kernel_argument", "audit_rules_time_stime", "audit_rules_privileged_commands_unix2_chkpwd", "audit_rules_dac_modification_fchmodat", "audit_rules_dac_modification_lchown", "audit_rules_execution_chcon", "audit_rules_unsuccessful_file_modification_openat", "audit_rules_time_adjtimex", "audit_rules_unsuccessful_file_modification_rename", "audit_rules_execution_setsebool", "audit_rules_unsuccessful_file_modification_openat_o_creat", "audit_rules_unsuccessful_file_modification_open_rule_order", "audit_rules_dac_modification_fsetxattr", "audit_rules_time_settimeofday", "audit_rules_session_events_wtmp", "audit_rules_sysadmin_actions", "audit_rules_privileged_commands_umount", "audit_rules_unsuccessful_file_modification_truncate", "audit_rules_dac_modification_lsetxattr", "audit_rules_unsuccessful_file_modification_open_o_creat", "service_autofs_disabled", "audit_rules_privileged_commands_ssh_keysign", "audit_rules_unsuccessful_file_modification_open_by_handle_at", "audit_rules_file_deletion_events_renameat", "audit_rules_dac_modification_lremovexattr", "audit_rules_time_clock_settime", "audit_rules_kernel_module_loading_init", "audit_rules_immutable", "audit_rules_media_export", "audit_rules_usergroup_modification_gshadow", "audit_rules_unsuccessful_file_modification_creat", "audit_rules_dac_modification_chown", "audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order", "audit_rules_unsuccessful_file_modification_openat_o_trunc_write", "audit_rules_unsuccessful_file_modification_open_o_trunc_write", "audit_rules_kernel_module_loading_delete", "audit_rules_privileged_commands_crontab", "audit_rules_privileged_commands_sudoedit", "audit_rules_unsuccessful_file_modification_open", "kernel_module_usb-storage_disabled", "audit_rules_file_deletion_events_rename", "audit_rules_unsuccessful_file_modification_unlinkat", "audit_rules_privileged_commands_postdrop", "audit_rules_networkconfig_modification", "audit_rules_file_deletion_events_unlink", "audit_rules_session_events_btmp", "audit_rules_usergroup_modification_shadow", "audit_rules_privileged_commands_chsh", "audit_rules_session_events_utmp", "audit_rules_execution_semanage", "audit_rules_dac_modification_chmod", "audit_rules_login_events_tallylog", "audit_rules_privileged_commands_passwd", "audit_rules_mac_modification", "audit_rules_privileged_commands_unix_chkpwd", "audit_rules_dac_modification_fchmod", "audit_rules_file_deletion_events_rmdir", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat", "audit_rules_privileged_commands_pam_timestamp_check", "audit_rules_dac_modification_removexattr", "audit_rules_login_events_lastlog", "audit_rules_privileged_commands_su", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write", "audit_rules_dac_modification_fchownat", "auditd_data_retention_flush", "audit_rules_usergroup_modification_group", "audit_rules_system_shutdown", "audit_rules_unsuccessful_file_modification_unlink", "audit_rules_execution_restorecon", "audit_rules_privileged_commands_sudo", "audit_rules_privileged_commands_userhelper", "audit_rules_privileged_commands_chage", "audit_rules_login_events_faillock", "audit_rules_file_deletion_events_unlinkat", "audit_rules_dac_modification_setxattr", "audit_rules_unsuccessful_file_modification_ftruncate", "audit_rules_file_deletion_events_renameat2", "audit_rules_unsuccessful_file_modification_openat_rule_order", "audit_rules_privileged_commands_gpasswd", "audit_rules_privileged_commands_newgrp", "audit_rules_kernel_module_loading_finit"], "controls": []}, {"id": "164.308(a)(4)", "levels": ["base"], "notes": "", "title": "Information Access Management", "description": "Implement policies and procedures for authorizing\naccess to electronic protected health information that are consistent with the applicable\nrequirements of subpart E of this part.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_kdump_disabled", "sysctl_kernel_exec_shield", "selinux_confinement_of_daemons", "coreos_enable_selinux_kernel_argument", "sebool_selinuxuser_execheap", "sebool_selinuxuser_execmod", "sysctl_kernel_dmesg_restrict", "sysctl_fs_suid_dumpable", "grub2_enable_selinux", "selinux_state", "selinux_policytype", "sysctl_kernel_randomize_va_space", "sebool_selinuxuser_execstack"], "controls": []}, {"id": "164.308(a)(4)(i)", "levels": ["base"], "notes": "", "title": "Information access management", "description": "Implement policies and procedures for authorizing\naccess to electronic protected health information that are consistent with the applicable\nrequirements of subpart E of this part.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_empty_passwords", "service_rexec_disabled", "sshd_disable_user_known_hosts", "package_talk_removed", "package_rsh_removed", "disable_host_auth", "sshd_allow_only_protocol2", "sshd_set_keepalive", "dconf_gnome_remote_access_encryption", "sshd_set_keepalive_0", "sshd_disable_rhosts_rsa", "sshd_enable_warning_banner", "package_tcp_wrappers_removed", "use_kerberos_security_all_exports", "sshd_disable_root_login", "sshd_disable_gssapi_auth", "service_zebra_disabled", "sshd_do_not_permit_user_env", "dconf_gnome_remote_access_credential_prompt", "package_telnet-server_removed", "sshd_disable_compression", "service_crond_enabled", "service_ypbind_disabled", "package_ypserv_removed", "service_xinetd_disabled", "package_xinetd_removed", "service_telnet_disabled", "sshd_enable_strictmodes", "configure_crypto_policy", "package_telnet_removed", "libreswan_approved_tunnels", "service_rsh_disabled", "service_rlogin_disabled", "package_ypbind_removed", "package_cron_installed", "service_cron_enabled", "package_rsh-server_removed", "configure_ssh_crypto_policy", "package_talk-server_removed", "sshd_disable_kerb_auth"], "controls": []}, {"id": "164.308(a)(5)(ii)(A)", "levels": ["addressable"], "notes": "", "title": "Security reminders", "description": "Periodic security updates.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["dconf_db_up_to_date"], "controls": []}, {"id": "164.308(a)(5)(ii)(B)", "levels": ["base"], "notes": "", "title": "Protection from malicious software", "description": "Procedures for guarding against, detecting, and reporting malicious software.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_audispd_syslog_plugin_activated", "rsyslog_remote_loghost"], "controls": []}, {"id": "164.308(a)(5)(ii)(C)", "levels": ["base"], "notes": "", "title": "Log-in monitoring", "description": "Procedures for monitoring log-in attempts and reporting discrepancies.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_dac_modification_fchmodat2", "audit_rules_dac_modification_fchown", "audit_rules_unsuccessful_file_modification_renameat", "audit_rules_mac_modification_usr_share", "audit_rules_time_watch_localtime", "audit_rules_usergroup_modification_opasswd", "audit_rules_privileged_commands_postqueue", "service_auditd_enabled", "audit_rules_dac_modification_fremovexattr", "package_audit_installed", "audit_rules_usergroup_modification_passwd", "audit_rules_time_stime", "audit_rules_privileged_commands_unix2_chkpwd", "audit_rules_dac_modification_fchmodat", "audit_rules_dac_modification_lchown", "audit_rules_execution_chcon", "audit_rules_unsuccessful_file_modification_openat", "audit_rules_time_adjtimex", "audit_rules_unsuccessful_file_modification_rename", "audit_rules_execution_setsebool", "audit_rules_unsuccessful_file_modification_openat_o_creat", "audit_rules_unsuccessful_file_modification_open_rule_order", "audit_rules_dac_modification_fsetxattr", "audit_rules_time_settimeofday", "audit_rules_session_events_wtmp", "audit_rules_sysadmin_actions", "package_audit-audispd-plugins_installed", "audit_rules_privileged_commands_umount", "audit_rules_unsuccessful_file_modification_truncate", "audit_rules_dac_modification_lsetxattr", "audit_rules_unsuccessful_file_modification_open_o_creat", "audit_rules_privileged_commands_ssh_keysign", "audit_rules_unsuccessful_file_modification_open_by_handle_at", "grub2_audit_argument", "audit_rules_file_deletion_events_renameat", "audit_rules_dac_modification_lremovexattr", "audit_rules_time_clock_settime", "audit_rules_kernel_module_loading_init", "audit_rules_immutable", "audit_rules_media_export", "audit_rules_usergroup_modification_gshadow", "audit_rules_unsuccessful_file_modification_creat", "audit_rules_dac_modification_chown", "audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order", "audit_rules_unsuccessful_file_modification_openat_o_trunc_write", "audit_rules_unsuccessful_file_modification_open_o_trunc_write", "audit_rules_kernel_module_loading_delete", "audit_rules_privileged_commands_crontab", "audit_rules_privileged_commands_sudoedit", "audit_rules_unsuccessful_file_modification_open", "coreos_audit_option", "rsyslog_remote_loghost", "audit_rules_file_deletion_events_rename", "audit_rules_unsuccessful_file_modification_unlinkat", "audit_rules_privileged_commands_postdrop", "audit_rules_networkconfig_modification", "audit_rules_file_deletion_events_unlink", "audit_rules_session_events_btmp", "audit_rules_usergroup_modification_shadow", "audit_rules_privileged_commands_chsh", "audit_rules_session_events_utmp", "audit_rules_execution_semanage", "audit_rules_dac_modification_chmod", "audit_rules_login_events_tallylog", "audit_rules_privileged_commands_passwd", "audit_rules_mac_modification", "audit_rules_privileged_commands_unix_chkpwd", "audit_rules_dac_modification_fchmod", "audit_rules_file_deletion_events_rmdir", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat", "audit_rules_privileged_commands_pam_timestamp_check", "audit_rules_dac_modification_removexattr", "auditd_audispd_syslog_plugin_activated", "audit_rules_login_events_lastlog", "audit_rules_privileged_commands_su", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write", "audit_rules_dac_modification_fchownat", "auditd_data_retention_flush", "audit_rules_usergroup_modification_group", "audit_rules_system_shutdown", "audit_rules_unsuccessful_file_modification_unlink", "audit_rules_execution_restorecon", "audit_rules_privileged_commands_sudo", "audit_rules_privileged_commands_userhelper", "audit_rules_privileged_commands_chage", "audit_rules_login_events_faillock", "audit_rules_file_deletion_events_unlinkat", "audit_rules_dac_modification_setxattr", "audit_rules_unsuccessful_file_modification_ftruncate", "audit_rules_file_deletion_events_renameat2", "audit_rules_unsuccessful_file_modification_openat_rule_order", "audit_rules_privileged_commands_gpasswd", "audit_rules_privileged_commands_newgrp", "audit_rules_kernel_module_loading_finit"], "controls": []}, {"id": "164.308(a)(6)(ii)", "levels": ["required"], "notes": "", "title": "Response and reporting", "description": "Identify and respond to suspected or known security incidents; mitigate, to the extent practicable,\nharmful effects of security incidents that are known to the covered entity or business associate; and\ndocument security incidents and their outcomes.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_audispd_syslog_plugin_activated", "rsyslog_remote_loghost"], "controls": []}, {"id": "164.308(a)(7)(i)", "levels": ["base"], "notes": "", "title": "Contingency plan", "description": "Establish (and implement as needed) policies and procedures for responding to an emergency or other\noccurrence (for example, fire, vandalism, system failure, and natural disaster) that damages systems that\ncontain electronic protected health information.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "disable_ctrlaltdel_reboot", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "no_direct_root_logins", "grub2_admin_username", "no_empty_passwords", "var_authselect_profile=sssd"], "controls": []}, {"id": "164.308(a)(7)(ii)(A)", "levels": ["required"], "notes": "", "title": "Data backup plan", "description": "Establish and implement procedures to create and maintain retrievable exact copies of electronic protected\nhealth information.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "disable_ctrlaltdel_reboot", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "no_direct_root_logins", "grub2_admin_username", "no_empty_passwords"], "controls": []}, {"id": "164.308(a)(8)", "levels": ["base"], "notes": "", "title": "Evaluation", "description": "Perform a periodic technical and nontechnical evaluation, based initially upon\nthe standards implemented under this rule and, subsequently, in response to environmental or\noperational changes affecting the security of electronic protected health information, that\nestablishes the extent to which a covered entity's or business associate's security policies and\nprocedures meet the requirements of this subpart.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_audispd_syslog_plugin_activated", "rsyslog_remote_loghost"], "controls": []}, {"id": "164.308(b)(1)", "levels": ["base"], "notes": "", "title": "Business associate contracts and other arrangements", "description": "A covered entity may permit a business\nassociate to create, receive, maintain, or transmit electronic protected health information on the\ncovered entity's behalf only if the covered entity obtains satisfactory assurances, in accordance with\n\u00a7 164.314(a), that the business associate will appropriately safeguard the information. A covered\nentity is not required to obtain such satisfactory assurances from a business associate that is a\nsubcontractor", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_empty_passwords", "service_rexec_disabled", "sshd_disable_user_known_hosts", "package_talk_removed", "package_rsh_removed", "disable_host_auth", "sshd_allow_only_protocol2", "sshd_set_keepalive", "dconf_gnome_remote_access_encryption", "sshd_disable_rhosts_rsa", "sshd_use_approved_macs", "sshd_enable_warning_banner", "package_tcp_wrappers_removed", "use_kerberos_security_all_exports", "sshd_disable_root_login", "sshd_disable_gssapi_auth", "service_zebra_disabled", "sshd_do_not_permit_user_env", "dconf_gnome_remote_access_credential_prompt", "package_telnet-server_removed", "sshd_disable_compression", "service_crond_enabled", "service_ypbind_disabled", "encrypt_partitions", "package_ypserv_removed", "service_xinetd_disabled", "package_xinetd_removed", "service_telnet_disabled", "sshd_enable_strictmodes", "configure_crypto_policy", "package_telnet_removed", "libreswan_approved_tunnels", "service_rsh_disabled", "service_rlogin_disabled", "package_ypbind_removed", "package_cron_installed", "service_cron_enabled", "sshd_use_approved_ciphers", "package_rsh-server_removed", "configure_ssh_crypto_policy", "package_talk-server_removed", "sshd_use_priv_separation", "sshd_disable_kerb_auth", "var_sshd_set_keepalive=1"], "controls": []}, {"id": "164.308(b)(2)", "levels": ["base"], "notes": "This title was created by analysis, not by the CFR.", "title": "Sub-contractors must follow 164.314(a)", "description": "A business associate may permit a business associate that is a subcontractor to create, receive, maintain,\nor transmit electronic protected health information on its behalf only if the business associate obtains\nsatisfactory assurances, in accordance with \u00a7 164.314(a), that the subcontractor will appropriately\nsafeguard the information.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_approved_macs", "sshd_use_approved_ciphers"], "controls": []}, {"id": "164.308(b)(3)", "levels": ["required"], "notes": "", "title": "Implementation specifications: Written contract or other arrangement.", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_empty_passwords", "service_rexec_disabled", "sshd_disable_user_known_hosts", "package_talk_removed", "package_rsh_removed", "disable_host_auth", "sshd_allow_only_protocol2", "sshd_set_keepalive", "dconf_gnome_remote_access_encryption", "sshd_set_keepalive_0", "sshd_disable_rhosts_rsa", "sshd_enable_warning_banner", "package_tcp_wrappers_removed", "use_kerberos_security_all_exports", "sshd_disable_root_login", "sshd_disable_gssapi_auth", "service_zebra_disabled", "sshd_do_not_permit_user_env", "dconf_gnome_remote_access_credential_prompt", "package_telnet-server_removed", "sshd_disable_compression", "service_crond_enabled", "service_ypbind_disabled", "package_ypserv_removed", "service_xinetd_disabled", "package_xinetd_removed", "service_telnet_disabled", "sshd_enable_strictmodes", "configure_crypto_policy", "package_telnet_removed", "libreswan_approved_tunnels", "service_rsh_disabled", "service_rlogin_disabled", "package_ypbind_removed", "package_cron_installed", "service_cron_enabled", "package_rsh-server_removed", "configure_ssh_crypto_policy", "package_talk-server_removed", "sshd_use_priv_separation", "sshd_disable_kerb_auth"], "controls": []}, {"id": "164.310(a)(1)", "levels": ["base"], "notes": "", "title": "Facility access controls", "description": "Implement policies and procedures to limit physical access to its electronic information systems and the\nfacility or facilities in which they are housed, while ensuring that properly authorized access is allowed.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "disable_ctrlaltdel_reboot", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "no_direct_root_logins", "grub2_admin_username", "no_empty_passwords"], "controls": []}, {"id": "164.310(a)(2)(i)", "levels": ["addressable"], "notes": "", "title": "Contingency operations", "description": "Establish (and implement as needed) procedures that allow facility access in support of restoration of los\ndata under the disaster recovery plan and emergency mode operations plan in the event of an emergency.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "disable_ctrlaltdel_reboot", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "no_direct_root_logins", "grub2_admin_username", "no_empty_passwords"], "controls": []}, {"id": "164.310(a)(2)(ii)", "levels": ["addressable"], "notes": "", "title": "Contingency operations", "description": "Establish (and implement as needed) procedures that allow facility access in support of restoration of lost\ndata under the disaster recovery plan and emergency mode operations plan in the event of an emergency.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "disable_ctrlaltdel_reboot", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "no_direct_root_logins", "grub2_admin_username", "no_empty_passwords"], "controls": []}, {"id": "164.310(a)(2)(iii)", "levels": ["addressable"], "notes": "", "title": "Access control and validation procedures", "description": "Implement procedures to control and validate a person's access to facilities based on their role or\nfunction, including visitor control, and control of access to software programs for testing and revision.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "disable_ctrlaltdel_reboot", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "no_direct_root_logins", "grub2_admin_username", "no_empty_passwords"], "controls": []}, {"id": "164.310(a)(2)(iv)", "levels": ["base"], "notes": "", "title": "Maintenance records", "description": "Implement policies and procedures to document repairs and modifications to the physical components of a\nfacility which are related to security (for example, hardware, walls, doors, and locks).", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["grub2_audit_argument", "service_auditd_enabled", "package_audit-audispd-plugins_installed", "coreos_audit_option", "audit_rules_immutable", "package_audit_installed"], "controls": []}, {"id": "164.310(b)", "levels": ["addressable"], "notes": "", "title": "Workstation use", "description": "Implement policies and procedures that specify the proper functions to be performed, the manner in which\nthose functions are to be performed, and the physical attributes of the surroundings of a specific\nworkstation or class of workstation that can access electronic protected health information.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "sshd_disable_empty_passwords", "service_rexec_disabled", "file_owner_user_cfg", "sshd_disable_user_known_hosts", "selinux_confinement_of_daemons", "package_rsh_removed", "package_talk_removed", "sshd_disable_kerb_auth", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "disable_host_auth", "sshd_allow_only_protocol2", "file_groupowner_grub2_cfg", "sshd_set_keepalive", "selinux_state", "dconf_gnome_remote_access_encryption", "disable_ctrlaltdel_reboot", "sshd_set_keepalive_0", "sshd_disable_rhosts_rsa", "sshd_enable_warning_banner", "package_tcp_wrappers_removed", "use_kerberos_security_all_exports", "sshd_disable_root_login", "sysctl_kernel_exec_shield", "sshd_disable_gssapi_auth", "service_zebra_disabled", "sshd_do_not_permit_user_env", "file_groupowner_user_cfg", "dconf_gnome_remote_access_credential_prompt", "package_telnet-server_removed", "sshd_disable_compression", "service_crond_enabled", "grub2_password", "grub2_uefi_admin_username", "service_ypbind_disabled", "sebool_selinuxuser_execmod", "sysctl_fs_suid_dumpable", "require_emergency_target_auth", "selinux_policytype", "grub2_disable_interactive_boot", "package_ypserv_removed", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "service_xinetd_disabled", "service_kdump_disabled", "package_xinetd_removed", "service_telnet_disabled", "sshd_enable_strictmodes", "package_telnet_removed", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "sebool_selinuxuser_execheap", "disable_ctrlaltdel_burstaction", "libreswan_approved_tunnels", "sysctl_kernel_randomize_va_space", "service_rsh_disabled", "require_singleuser_auth", "service_debug-shell_disabled", "sebool_selinuxuser_execstack", "service_rlogin_disabled", "package_ypbind_removed", "no_direct_root_logins", "package_cron_installed", "service_cron_enabled", "coreos_enable_selinux_kernel_argument", "package_rsh-server_removed", "package_talk-server_removed", "sshd_use_priv_separation", "sysctl_kernel_dmesg_restrict", "grub2_admin_username", "grub2_enable_selinux", "no_empty_passwords", "var_selinux_policy_name=targeted", "var_selinux_state=enforcing"], "controls": []}, {"id": "164.310(c)", "levels": ["base"], "notes": "", "title": "Workstation security", "description": "Implement physical safeguards for all workstations that access electronic protected health information,\nto restrict access to authorized users.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "selinux_confinement_of_daemons", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "selinux_state", "disable_ctrlaltdel_reboot", "sysctl_kernel_exec_shield", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "sebool_selinuxuser_execmod", "grub2_password", "sysctl_fs_suid_dumpable", "selinux_policytype", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "service_kdump_disabled", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "sebool_selinuxuser_execheap", "disable_ctrlaltdel_burstaction", "sysctl_kernel_randomize_va_space", "require_singleuser_auth", "service_debug-shell_disabled", "sebool_selinuxuser_execstack", "no_direct_root_logins", "coreos_enable_selinux_kernel_argument", "sysctl_kernel_dmesg_restrict", "grub2_admin_username", "grub2_enable_selinux", "no_empty_passwords"], "controls": []}, {"id": "164.310(d)", "levels": ["base"], "notes": "", "title": "Person or entity authentication", "description": "Implement procedures to verify that a person or entity seeking access to electronic protected health\ninformation is the one claimed.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["encrypt_partitions"], "controls": []}, {"id": "164.310(d)(1)", "levels": ["base"], "notes": "", "title": "Device and media control", "description": null, "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "service_autofs_disabled", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "disable_ctrlaltdel_reboot", "coreos_nousb_kernel_argument", "kernel_module_usb-storage_disabled", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "no_direct_root_logins", "grub2_admin_username", "no_empty_passwords"], "controls": []}, {"id": "164.310(d)(2)", "levels": ["base"], "notes": "", "title": "Device and media controls", "description": "Implement policies and procedures that govern the receipt and removal of hardware and electronic media that\ncontain electronic protected health information into and out of a facility, and the movement of these items\nwithin the facility.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_usb-storage_disabled", "service_autofs_disabled", "coreos_nousb_kernel_argument"], "controls": []}, {"id": "164.310(d)(2)(iii)", "levels": ["addressable"], "notes": "", "title": "Accountability", "description": "Maintain a record of the movements of hardware and electronic media and any person responsible therefore.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["enable_authselect", "file_owner_user_cfg", "auditd_audispd_syslog_plugin_activated", "service_auditd_enabled", "file_owner_grub2_cfg", "grub2_uefi_password", "file_permissions_user_cfg", "file_groupowner_grub2_cfg", "coreos_audit_option", "package_audit_installed", "disable_ctrlaltdel_reboot", "rsyslog_remote_loghost", "file_groupowner_user_cfg", "grub2_uefi_admin_username", "grub2_password", "require_emergency_target_auth", "grub2_disable_interactive_boot", "coreos_disable_interactive_boot", "securetty_root_login_console_only", "grub2_audit_argument", "file_permissions_grub2_cfg", "restrict_serial_port_logins", "disable_ctrlaltdel_burstaction", "require_singleuser_auth", "service_debug-shell_disabled", "audit_rules_immutable", "no_direct_root_logins", "package_audit-audispd-plugins_installed", "grub2_admin_username", "no_empty_passwords"], "controls": []}, {"id": "164.312(a)", "levels": ["base"], "notes": "", "title": "Access Control", "description": "Implement technical policies and procedures for electronic information systems that maintain electronic\nprotected health information to allow access only to those persons or software programs that have been\ngranted access rights as specified in \u00a7 164.308(a)(4).", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["service_kdump_disabled", "sysctl_kernel_exec_shield", "selinux_confinement_of_daemons", "coreos_enable_selinux_kernel_argument", "sebool_selinuxuser_execheap", "sebool_selinuxuser_execmod", "sshd_use_directory_configuration", "sysctl_kernel_dmesg_restrict", "sysctl_fs_suid_dumpable", "grub2_enable_selinux", "selinux_state", "selinux_policytype", "sysctl_kernel_randomize_va_space", "sebool_selinuxuser_execstack"], "controls": []}, {"id": "164.312(a)(1)", "levels": ["base"], "notes": "", "title": "Access Control", "description": "Implement technical policies and procedures for electronic information systems that maintain electronic\nprotected health information to allow access only to those persons or software programs that have been\ngranted access rights as specified in \u00a7 164.308(a)(4).", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_usb-storage_disabled", "service_autofs_disabled", "encrypt_partitions", "coreos_nousb_kernel_argument"], "controls": []}, {"id": "164.312(a)(2)(i)", "levels": ["required"], "notes": "", "title": "Unique user identification", "description": "Assign a unique name and/or number for identifying and tracking user identity.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_dac_modification_fchmodat2", "audit_rules_dac_modification_fchown", "audit_rules_unsuccessful_file_modification_renameat", "audit_rules_mac_modification_usr_share", "audit_rules_time_watch_localtime", "audit_rules_usergroup_modification_opasswd", "audit_rules_privileged_commands_postqueue", "audit_rules_dac_modification_fremovexattr", "audit_rules_usergroup_modification_passwd", "audit_rules_time_stime", "audit_rules_privileged_commands_unix2_chkpwd", "audit_rules_dac_modification_fchmodat", "audit_rules_dac_modification_lchown", "audit_rules_execution_chcon", "audit_rules_unsuccessful_file_modification_openat", "audit_rules_time_adjtimex", "audit_rules_unsuccessful_file_modification_rename", "audit_rules_execution_setsebool", "audit_rules_unsuccessful_file_modification_openat_o_creat", "audit_rules_unsuccessful_file_modification_open_rule_order", "audit_rules_dac_modification_fsetxattr", "audit_rules_time_settimeofday", "audit_rules_session_events_wtmp", "audit_rules_sysadmin_actions", "audit_rules_privileged_commands_umount", "audit_rules_unsuccessful_file_modification_truncate", "audit_rules_dac_modification_lsetxattr", "audit_rules_unsuccessful_file_modification_open_o_creat", "audit_rules_privileged_commands_ssh_keysign", "audit_rules_unsuccessful_file_modification_open_by_handle_at", "audit_rules_file_deletion_events_renameat", "audit_rules_dac_modification_lremovexattr", "audit_rules_time_clock_settime", "audit_rules_kernel_module_loading_init", "audit_rules_immutable", "audit_rules_media_export", "audit_rules_usergroup_modification_gshadow", "audit_rules_unsuccessful_file_modification_creat", "audit_rules_dac_modification_chown", "audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order", "audit_rules_unsuccessful_file_modification_openat_o_trunc_write", "audit_rules_unsuccessful_file_modification_open_o_trunc_write", "audit_rules_kernel_module_loading_delete", "audit_rules_privileged_commands_crontab", "audit_rules_privileged_commands_sudoedit", "audit_rules_unsuccessful_file_modification_open", "audit_rules_file_deletion_events_rename", "audit_rules_unsuccessful_file_modification_unlinkat", "audit_rules_privileged_commands_postdrop", "audit_rules_networkconfig_modification", "audit_rules_file_deletion_events_unlink", "audit_rules_session_events_btmp", "audit_rules_usergroup_modification_shadow", "audit_rules_privileged_commands_chsh", "audit_rules_session_events_utmp", "audit_rules_execution_semanage", "audit_rules_dac_modification_chmod", "audit_rules_login_events_tallylog", "audit_rules_privileged_commands_passwd", "audit_rules_mac_modification", "audit_rules_privileged_commands_unix_chkpwd", "audit_rules_dac_modification_fchmod", "audit_rules_file_deletion_events_rmdir", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat", "audit_rules_privileged_commands_pam_timestamp_check", "audit_rules_dac_modification_removexattr", "audit_rules_login_events_lastlog", "audit_rules_privileged_commands_su", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write", "audit_rules_dac_modification_fchownat", "auditd_data_retention_flush", "audit_rules_usergroup_modification_group", "audit_rules_system_shutdown", "audit_rules_unsuccessful_file_modification_unlink", "audit_rules_execution_restorecon", "audit_rules_privileged_commands_sudo", "audit_rules_privileged_commands_userhelper", "audit_rules_privileged_commands_chage", "audit_rules_login_events_faillock", "audit_rules_file_deletion_events_unlinkat", "audit_rules_dac_modification_setxattr", "audit_rules_unsuccessful_file_modification_ftruncate", "audit_rules_file_deletion_events_renameat2", "audit_rules_unsuccessful_file_modification_openat_rule_order", "audit_rules_privileged_commands_gpasswd", "audit_rules_privileged_commands_newgrp", "audit_rules_kernel_module_loading_finit", "var_audit_failure_mode=panic"], "controls": []}, {"id": "164.312(a)(2)(ii)", "levels": ["required"], "notes": "", "title": "Emergency access procedure", "description": "Establish (and implement as needed) procedures for obtaining necessary electronic protected health\ninformation during an emergency.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_data_retention_admin_space_left_action", "auditd_data_retention_space_left_action", "auditd_data_retention_max_log_file_action_stig", "auditd_data_retention_action_mail_acct", "service_rsyslog_enabled", "partition_for_var_log_audit", "auditd_data_retention_max_log_file_action", "package_rsyslog_installed"], "controls": []}, {"id": "164.312(a)(2)(iii)", "levels": ["addressable"], "notes": "", "title": "Automatic logoff", "description": "Implement electronic procedures that terminate an electronic session after a predetermined time of\ninactivity.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["encrypt_partitions"], "controls": []}, {"id": "164.312(a)(2)(iv)", "levels": ["addressable"], "notes": "", "title": "Encryption and decryption", "description": "Implement a mechanism to encrypt and decrypt electronic protected health information.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["kernel_module_usb-storage_disabled", "service_autofs_disabled", "encrypt_partitions", "coreos_nousb_kernel_argument"], "controls": []}, {"id": "164.312(b)", "levels": ["base"], "notes": "", "title": "Audit controls.", "description": "Implement hardware, software, and/or procedural mechanisms that record and examine activity in information\nsystems that contain or use electronic protected health information.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_fedora_gpgkey_installed", "audit_rules_dac_modification_fchmodat2", "audit_rules_dac_modification_fchown", "audit_rules_unsuccessful_file_modification_renameat", "audit_rules_mac_modification_usr_share", "audit_rules_time_watch_localtime", "ensure_gpgcheck_never_disabled", "audit_rules_usergroup_modification_opasswd", "audit_rules_privileged_commands_postqueue", "service_auditd_enabled", "audit_rules_dac_modification_fremovexattr", "package_audit_installed", "audit_rules_usergroup_modification_passwd", "coreos_nousb_kernel_argument", "audit_rules_time_stime", "audit_rules_privileged_commands_unix2_chkpwd", "audit_rules_dac_modification_fchmodat", "audit_rules_dac_modification_lchown", "audit_rules_execution_chcon", "audit_rules_unsuccessful_file_modification_openat", "audit_rules_time_adjtimex", "audit_rules_unsuccessful_file_modification_rename", "audit_rules_execution_setsebool", "audit_rules_unsuccessful_file_modification_openat_o_creat", "ensure_suse_gpgkey_installed", "audit_rules_unsuccessful_file_modification_open_rule_order", "audit_rules_dac_modification_fsetxattr", "rpm_verify_permissions", "audit_rules_time_settimeofday", "audit_rules_session_events_wtmp", "audit_rules_sysadmin_actions", "package_audit-audispd-plugins_installed", "audit_rules_privileged_commands_umount", "audit_rules_unsuccessful_file_modification_truncate", "audit_rules_dac_modification_lsetxattr", "audit_rules_unsuccessful_file_modification_open_o_creat", "service_autofs_disabled", "audit_rules_privileged_commands_ssh_keysign", "audit_rules_unsuccessful_file_modification_open_by_handle_at", "ensure_almalinux_gpgkey_installed", "ensure_gpgcheck_repo_metadata", "ensure_gpgcheck_globally_activated", "grub2_audit_argument", "audit_rules_file_deletion_events_renameat", "audit_rules_dac_modification_lremovexattr", "audit_rules_time_clock_settime", "audit_rules_kernel_module_loading_init", "audit_rules_immutable", "audit_rules_media_export", "audit_rules_usergroup_modification_gshadow", "audit_rules_unsuccessful_file_modification_creat", "audit_rules_dac_modification_chown", "audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order", "audit_rules_unsuccessful_file_modification_openat_o_trunc_write", "audit_rules_unsuccessful_file_modification_open_o_trunc_write", "audit_rules_privileged_commands_sudoedit", "audit_rules_kernel_module_loading_delete", "audit_rules_privileged_commands_crontab", "audit_rules_unsuccessful_file_modification_open", "coreos_audit_option", "kernel_module_usb-storage_disabled", "rsyslog_remote_loghost", "audit_rules_file_deletion_events_rename", "audit_rules_unsuccessful_file_modification_unlinkat", "encrypt_partitions", "ensure_gpgcheck_local_packages", "audit_rules_privileged_commands_postdrop", "audit_rules_networkconfig_modification", "audit_rules_file_deletion_events_unlink", "audit_rules_session_events_btmp", "audit_rules_usergroup_modification_shadow", "rpm_verify_hashes", "audit_rules_privileged_commands_chsh", "audit_rules_session_events_utmp", "audit_rules_execution_semanage", "audit_rules_dac_modification_chmod", "audit_rules_login_events_tallylog", "audit_rules_privileged_commands_passwd", "audit_rules_mac_modification", "audit_rules_privileged_commands_unix_chkpwd", "audit_rules_dac_modification_fchmod", "audit_rules_file_deletion_events_rmdir", "audit_rules_privileged_commands_pam_timestamp_check", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat", "audit_rules_dac_modification_removexattr", "auditd_audispd_syslog_plugin_activated", "audit_rules_login_events_lastlog", "audit_rules_privileged_commands_su", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write", "audit_rules_dac_modification_fchownat", "auditd_data_retention_flush", "audit_rules_usergroup_modification_group", "audit_rules_system_shutdown", "audit_rules_unsuccessful_file_modification_unlink", "audit_rules_execution_restorecon", "audit_rules_privileged_commands_sudo", "audit_rules_privileged_commands_userhelper", "audit_rules_privileged_commands_chage", "audit_rules_login_events_faillock", "audit_rules_file_deletion_events_unlinkat", "audit_rules_dac_modification_setxattr", "audit_rules_unsuccessful_file_modification_ftruncate", "audit_rules_file_deletion_events_renameat2", "audit_rules_unsuccessful_file_modification_openat_rule_order", "ensure_redhat_gpgkey_installed", "audit_rules_privileged_commands_gpasswd", "audit_rules_privileged_commands_newgrp", "audit_rules_kernel_module_loading_finit"], "controls": []}, {"id": "164.312(c)", "levels": ["base"], "notes": "", "title": "Integrity.", "description": "Implement policies and procedures to protect electronic protected health information from improper\nalteration or destruction.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["encrypt_partitions"], "controls": []}, {"id": "164.312(c)(1)", "levels": ["base"], "notes": "", "title": "Integrity.", "description": "Implement policies and procedures to protect electronic protected health information from improper\nalteration or destruction.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_fedora_gpgkey_installed", "ensure_almalinux_gpgkey_installed", "ensure_gpgcheck_repo_metadata", "rpm_verify_permissions", "ensure_gpgcheck_never_disabled", "ensure_gpgcheck_globally_activated", "ensure_redhat_gpgkey_installed", "ensure_suse_gpgkey_installed", "rpm_verify_hashes", "ensure_gpgcheck_local_packages"], "controls": []}, {"id": "164.312(c)(2)", "levels": ["addressable"], "notes": "", "title": "Implementation specification: Mechanism to authenticate electronic protected health information", "description": "Implement electronic mechanisms to corroborate that electronic protected health information has not been\naltered or destroyed in an unauthorized manner.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["ensure_fedora_gpgkey_installed", "ensure_almalinux_gpgkey_installed", "ensure_gpgcheck_repo_metadata", "rpm_verify_permissions", "ensure_gpgcheck_never_disabled", "ensure_gpgcheck_globally_activated", "ensure_redhat_gpgkey_installed", "ensure_suse_gpgkey_installed", "rpm_verify_hashes", "ensure_gpgcheck_local_packages"], "controls": []}, {"id": "164.312(d)", "levels": ["base"], "notes": "", "title": "Person or entity authentication.", "description": "Implement procedures to verify that a person or entity seeking access to electronic protected health information\nis the one claimed.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_dac_modification_fchmodat2", "audit_rules_dac_modification_fchown", "audit_rules_unsuccessful_file_modification_renameat", "audit_rules_mac_modification_usr_share", "audit_rules_time_watch_localtime", "audit_rules_usergroup_modification_opasswd", "audit_rules_privileged_commands_postqueue", "audit_rules_dac_modification_fremovexattr", "audit_rules_usergroup_modification_passwd", "audit_rules_time_stime", "audit_rules_privileged_commands_unix2_chkpwd", "audit_rules_dac_modification_fchmodat", "audit_rules_dac_modification_lchown", "audit_rules_execution_chcon", "audit_rules_unsuccessful_file_modification_openat", "audit_rules_time_adjtimex", "audit_rules_unsuccessful_file_modification_rename", "audit_rules_execution_setsebool", "audit_rules_unsuccessful_file_modification_openat_o_creat", "audit_rules_unsuccessful_file_modification_open_rule_order", "audit_rules_dac_modification_fsetxattr", "audit_rules_time_settimeofday", "audit_rules_session_events_wtmp", "audit_rules_sysadmin_actions", "audit_rules_privileged_commands_umount", "audit_rules_unsuccessful_file_modification_truncate", "audit_rules_dac_modification_lsetxattr", "audit_rules_unsuccessful_file_modification_open_o_creat", "audit_rules_privileged_commands_ssh_keysign", "audit_rules_unsuccessful_file_modification_open_by_handle_at", "audit_rules_file_deletion_events_renameat", "audit_rules_dac_modification_lremovexattr", "audit_rules_time_clock_settime", "audit_rules_kernel_module_loading_init", "audit_rules_immutable", "audit_rules_media_export", "audit_rules_usergroup_modification_gshadow", "audit_rules_unsuccessful_file_modification_creat", "audit_rules_dac_modification_chown", "audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order", "audit_rules_unsuccessful_file_modification_openat_o_trunc_write", "audit_rules_unsuccessful_file_modification_open_o_trunc_write", "audit_rules_kernel_module_loading_delete", "audit_rules_privileged_commands_crontab", "audit_rules_privileged_commands_sudoedit", "audit_rules_unsuccessful_file_modification_open", "audit_rules_file_deletion_events_rename", "audit_rules_unsuccessful_file_modification_unlinkat", "encrypt_partitions", "audit_rules_privileged_commands_postdrop", "audit_rules_networkconfig_modification", "audit_rules_file_deletion_events_unlink", "audit_rules_session_events_btmp", "audit_rules_usergroup_modification_shadow", "audit_rules_privileged_commands_chsh", "audit_rules_session_events_utmp", "audit_rules_execution_semanage", "audit_rules_dac_modification_chmod", "audit_rules_login_events_tallylog", "audit_rules_privileged_commands_passwd", "audit_rules_mac_modification", "audit_rules_privileged_commands_unix_chkpwd", "audit_rules_dac_modification_fchmod", "audit_rules_file_deletion_events_rmdir", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat", "audit_rules_privileged_commands_pam_timestamp_check", "audit_rules_dac_modification_removexattr", "audit_rules_login_events_lastlog", "audit_rules_privileged_commands_su", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write", "audit_rules_dac_modification_fchownat", "auditd_data_retention_flush", "audit_rules_usergroup_modification_group", "audit_rules_system_shutdown", "audit_rules_unsuccessful_file_modification_unlink", "audit_rules_execution_restorecon", "audit_rules_privileged_commands_sudo", "audit_rules_privileged_commands_userhelper", "audit_rules_privileged_commands_chage", "audit_rules_login_events_faillock", "audit_rules_file_deletion_events_unlinkat", "audit_rules_dac_modification_setxattr", "audit_rules_unsuccessful_file_modification_ftruncate", "audit_rules_file_deletion_events_renameat2", "audit_rules_unsuccessful_file_modification_openat_rule_order", "audit_rules_privileged_commands_gpasswd", "audit_rules_privileged_commands_newgrp", "audit_rules_kernel_module_loading_finit"], "controls": []}, {"id": "164.312(e)", "levels": ["base"], "notes": "", "title": "Transmission security.", "description": "Implement technical security measures to guard against unauthorized access to electronic protected health\ninformation that is being transmitted over an electronic communications network.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["audit_rules_dac_modification_fchmodat2", "audit_rules_dac_modification_fchown", "audit_rules_unsuccessful_file_modification_renameat", "audit_rules_mac_modification_usr_share", "audit_rules_time_watch_localtime", "audit_rules_usergroup_modification_opasswd", "selinux_confinement_of_daemons", "audit_rules_privileged_commands_postqueue", "audit_rules_dac_modification_fremovexattr", "audit_rules_usergroup_modification_passwd", "audit_rules_time_stime", "audit_rules_privileged_commands_unix2_chkpwd", "sebool_selinuxuser_execmod", "audit_rules_dac_modification_fchmodat", "audit_rules_dac_modification_lchown", "audit_rules_execution_chcon", "audit_rules_unsuccessful_file_modification_openat", "audit_rules_time_adjtimex", "audit_rules_unsuccessful_file_modification_rename", "audit_rules_execution_setsebool", "audit_rules_unsuccessful_file_modification_openat_o_creat", "audit_rules_unsuccessful_file_modification_open_rule_order", "sebool_selinuxuser_execstack", "audit_rules_dac_modification_fsetxattr", "audit_rules_time_settimeofday", "audit_rules_session_events_wtmp", "audit_rules_sysadmin_actions", "audit_rules_privileged_commands_umount", "audit_rules_unsuccessful_file_modification_truncate", "audit_rules_dac_modification_lsetxattr", "audit_rules_unsuccessful_file_modification_open_o_creat", "audit_rules_privileged_commands_ssh_keysign", "audit_rules_unsuccessful_file_modification_open_by_handle_at", "sysctl_kernel_exec_shield", "sysctl_fs_suid_dumpable", "audit_rules_file_deletion_events_renameat", "audit_rules_dac_modification_lremovexattr", "audit_rules_time_clock_settime", "audit_rules_kernel_module_loading_init", "audit_rules_immutable", "audit_rules_media_export", "audit_rules_usergroup_modification_gshadow", "audit_rules_unsuccessful_file_modification_creat", "audit_rules_dac_modification_chown", "audit_rules_unsuccessful_file_modification_open_by_handle_at_rule_order", "audit_rules_unsuccessful_file_modification_openat_o_trunc_write", "audit_rules_unsuccessful_file_modification_open_o_trunc_write", "audit_rules_kernel_module_loading_delete", "audit_rules_privileged_commands_crontab", "audit_rules_privileged_commands_sudoedit", "audit_rules_unsuccessful_file_modification_open", "audit_rules_file_deletion_events_rename", "audit_rules_unsuccessful_file_modification_unlinkat", "selinux_policytype", "audit_rules_privileged_commands_postdrop", "audit_rules_networkconfig_modification", "audit_rules_file_deletion_events_unlink", "sebool_selinuxuser_execheap", "audit_rules_session_events_btmp", "audit_rules_usergroup_modification_shadow", "sysctl_kernel_randomize_va_space", "audit_rules_privileged_commands_chsh", "audit_rules_session_events_utmp", "audit_rules_execution_semanage", "audit_rules_dac_modification_chmod", "audit_rules_login_events_tallylog", "audit_rules_privileged_commands_passwd", "audit_rules_mac_modification", "coreos_enable_selinux_kernel_argument", "audit_rules_privileged_commands_unix_chkpwd", "audit_rules_dac_modification_fchmod", "audit_rules_file_deletion_events_rmdir", "grub2_enable_selinux", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_creat", "audit_rules_privileged_commands_pam_timestamp_check", "audit_rules_dac_modification_removexattr", "selinux_state", "audit_rules_login_events_lastlog", "audit_rules_privileged_commands_su", "audit_rules_unsuccessful_file_modification_open_by_handle_at_o_trunc_write", "audit_rules_dac_modification_fchownat", "auditd_data_retention_flush", "audit_rules_usergroup_modification_group", "audit_rules_system_shutdown", "audit_rules_unsuccessful_file_modification_unlink", "audit_rules_execution_restorecon", "service_kdump_disabled", "audit_rules_privileged_commands_sudo", "audit_rules_privileged_commands_userhelper", "audit_rules_privileged_commands_chage", "audit_rules_login_events_faillock", "audit_rules_file_deletion_events_unlinkat", "audit_rules_dac_modification_setxattr", "audit_rules_unsuccessful_file_modification_ftruncate", "audit_rules_file_deletion_events_renameat2", "audit_rules_unsuccessful_file_modification_openat_rule_order", "audit_rules_privileged_commands_gpasswd", "sysctl_kernel_dmesg_restrict", "audit_rules_privileged_commands_newgrp", "audit_rules_kernel_module_loading_finit"], "controls": []}, {"id": "164.312(e)(1)", "levels": ["base"], "notes": "", "title": "Transmission security.", "description": "Implement technical security measures to guard against unauthorized access to electronic protected health\ninformation that is being transmitted over an electronic communications network.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_empty_passwords", "service_rexec_disabled", "sshd_disable_user_known_hosts", "package_talk_removed", "package_rsh_removed", "disable_host_auth", "sshd_allow_only_protocol2", "sshd_set_keepalive", "dconf_gnome_remote_access_encryption", "sshd_set_keepalive_0", "sshd_disable_rhosts_rsa", "sshd_use_approved_macs", "sshd_enable_warning_banner", "package_tcp_wrappers_removed", "use_kerberos_security_all_exports", "sshd_disable_root_login", "sshd_disable_gssapi_auth", "service_zebra_disabled", "sshd_do_not_permit_user_env", "dconf_gnome_remote_access_credential_prompt", "package_telnet-server_removed", "sshd_disable_compression", "service_crond_enabled", "service_ypbind_disabled", "package_ypserv_removed", "service_xinetd_disabled", "package_xinetd_removed", "service_telnet_disabled", "sshd_enable_strictmodes", "configure_crypto_policy", "package_telnet_removed", "libreswan_approved_tunnels", "service_rsh_disabled", "service_rlogin_disabled", "package_ypbind_removed", "package_cron_installed", "service_cron_enabled", "sshd_use_approved_ciphers", "package_rsh-server_removed", "configure_ssh_crypto_policy", "package_talk-server_removed", "sshd_use_priv_separation", "sshd_disable_kerb_auth"], "controls": []}, {"id": "164.312(e)(2)(i)", "levels": ["addressable"], "notes": "", "title": "Integrity controls", "description": "Implement security measures to ensure that electronically transmitted electronic protected health information is not\nimproperly modified without detection until disposed of.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_approved_macs", "ensure_fedora_gpgkey_installed", "ensure_almalinux_gpgkey_installed", "ensure_gpgcheck_repo_metadata", "rpm_verify_permissions", "ensure_gpgcheck_never_disabled", "sshd_use_approved_ciphers", "ensure_gpgcheck_globally_activated", "ensure_redhat_gpgkey_installed", "ensure_suse_gpgkey_installed", "rpm_verify_hashes", "ensure_gpgcheck_local_packages"], "controls": []}, {"id": "164.312(e)(2)(ii)", "levels": ["addressable"], "notes": "", "title": "Encryption", "description": "Implement a mechanism to encrypt electronic protected health information whenever deemed appropriate.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_disable_empty_passwords", "service_rexec_disabled", "sshd_disable_user_known_hosts", "package_talk_removed", "package_rsh_removed", "disable_host_auth", "sshd_allow_only_protocol2", "sshd_set_keepalive", "dconf_gnome_remote_access_encryption", "sshd_set_keepalive_0", "sshd_disable_rhosts_rsa", "sshd_use_approved_macs", "sshd_enable_warning_banner", "package_tcp_wrappers_removed", "use_kerberos_security_all_exports", "sshd_disable_root_login", "sshd_disable_gssapi_auth", "service_zebra_disabled", "sshd_do_not_permit_user_env", "dconf_gnome_remote_access_credential_prompt", "package_telnet-server_removed", "sshd_disable_compression", "service_crond_enabled", "service_ypbind_disabled", "package_ypserv_removed", "service_xinetd_disabled", "package_xinetd_removed", "service_telnet_disabled", "sshd_enable_strictmodes", "configure_crypto_policy", "package_telnet_removed", "libreswan_approved_tunnels", "service_rsh_disabled", "service_rlogin_disabled", "package_ypbind_removed", "package_cron_installed", "service_cron_enabled", "sshd_use_approved_ciphers", "package_rsh-server_removed", "configure_ssh_crypto_policy", "package_talk-server_removed", "sshd_use_priv_separation", "sshd_disable_kerb_auth"], "controls": []}, {"id": "164.314(a)(2)(i)(C)", "levels": ["required"], "notes": "", "title": "Business associate contracts.", "description": "Report to the covered entity any security incident of which it becomes aware, including breaches of\nunsecured protected health information as required by \u00a7 164.410.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_audispd_syslog_plugin_activated", "rsyslog_remote_loghost"], "controls": []}, {"id": "164.314(a)(2)(iii)", "levels": ["required"], "notes": "", "title": "Business associate contracts with subcontractors.", "description": "The requirements of paragraphs (a)(2)(i) and (a)(2)(ii) of this section apply to the contract or other\narrangement between a business associate and a subcontractor required by \u00a7 164.308(b)(4) in the same manner\nas such requirements apply to contracts or other arrangements between a covered entity and business\nassociate.", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["auditd_audispd_syslog_plugin_activated", "rsyslog_remote_loghost"], "controls": []}, {"id": "164.314(b)(2)(i)", "levels": ["required"], "notes": "", "title": "Implementation specifications", "description": "Implement administrative, physical, and technical safeguards that reasonably and appropriately protect the\nconfidentiality, integrity, and availability of the electronic protected health information that it creates,\nreceives, maintains, or transmits on behalf of the group health plan;", "rationale": null, "automated": "yes", "status": "automated", "mitigation": null, "artifact_description": null, "status_justification": null, "fixtext": null, "check": null, "tickets": null, "original_title": null, "related_rules": [], "rules": ["sshd_use_approved_macs", "encrypt_partitions", "sshd_use_approved_ciphers"], "controls": []}], "levels": [{"id": "required", "inherits_from": ["addressable"]}, {"id": "addressable", "inherits_from": ["base"]}, {"id": "base", "inherits_from": null}]}