Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Health Insurance Portability and Accountability Act (HIPAA)

 

Use the JSA GLBA Content Extension to closely monitor your deployment for HIPAA compliance.

JSA HIPAA Content Extension V1.0.1

Saved searches are now shared by default, and assigned to the correct groups.

JSA HIPAA Content Extension V1.0.0

The AccountName custom property is included in JSA HIPAA Content Extension V1.0.0.

The following building blocks are included in JSA HIPAA Content Extension V1.0.0.

  • BB:CategoryDefinition: Authentication Failures

  • BB:CategoryDefinition: Authentication Success

  • BB:CategoryDefinition: Firewall or ACL Accept

  • BB:CategoryDefinition: Firewall or ACL Denies

  • BB:CategoryDefinition: Superuser Accounts

  • BB:NetworkDefinition: Inbound Communication from Internet to Local Host

  • BB:NetworkDefinition: Trusted Network Segment*

  • BB:NetworkDefinition: Untrusted Local Networks*

  • BB:NetworkDefinition: Untrusted Network Segment

* denotes that this building block references the default network hierarchy. Update this building block if you are using a different network hierarchy.

The following reports are included in JSA HIPAA Content Extension V1.0.0.

  • Daily HIPAA 164.308(a)(4) - 1 / 164.312(e)(1) - 1 Internal Network to Internet Traffic

  • Daily HIPAA 164.308(a)(4) - 1 / 164.312(c)(1) - 2 Traffic Summaries (Details)

  • Daily HIPAA 164.308(a)(4) - 1 / 164.312(c)(1) - 2 Traffic Summaries (Time Series)

  • Daily HIPAA 164.312(e)(1) - 2, 3, & 4 Traffic to Trusted Segments from Untrusted Segments

  • Daily Top IPs for Blocked Spam

  • Daily Top Targeted IPs

  • Daily Top Virus Sources and Destinations

  • Monthly HIPAA 164.312(a)(1) - 4 / 164.312(d) - 3 User Accounts Additions by Admin

  • Monthly HIPAA 164.312(e)(1) - 2, 3, & 4 Traffic to Trusted Segments

  • Monthly Top IPs for Blocked SPAM

  • Remote Access Activity Summary

  • Top Users by Remote Access Activity

  • Weekly HIPAA 164.308(a)(4) - 1 / 164.312(c)(1) - 2 Traffic Summaries (Details)

  • Weekly HIPAA 164.308(a)(4) - 1 / 164.312(c)(1) - 2 Traffic Summaries (Time Series)

  • Weekly HIPAA 164.312(e)(1) - 2, 3, & 4 Traffic to Trusted Segments

  • Weekly Top IPs for Blocked Spam

  • Weekly Top Virus Sources and Destinations

The following saved searches are included in JSA HIPAA Content Extension V1.0.0.

  • PCI 1.2.1a - Internal Network (not DMZ) to Internet (Accepted)

  • PCI 1.2.1a - Internal Network (not DMZ) to Internet (All)

  • PCI 1.2.1a - Internal Network (not DMZ) to Internet (Denied)

  • PCI 1.3.1 - Allowed Traffic Into DMZ from Internal

  • PCI 1.3.2 - Allow Traffic from Internet to Internal Networks (Not DMZ)

  • PCI 1.3.3 - Traffic Between Internet and Cardholder Data

  • PCI 1.3.5 - Traffic Between Cardholder Data and Internet (Not DMZ)

  • PCI 2.3 - Protocols to Trusted Network Zones

  • PCI 4.1 - Protocols to Trusted Network Zones

  • PCI 10.2 - PCI 8.1 - User Account Added By Admin User

  • Remote Access Failures (VPN and Others)

  • Remote Access Success (VPN and Other)

  • Top Blocked SPAM IPs

  • Top Virus Destinations

  • Top Virus Sources

Related Documentation