iCompaas Support

CIS Control 4.5 2

• Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password
• Ensure MFA is enabled for the "root" account

CIS Control 6.2 3

• Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket
• Ensure VPC flow logging is enabled in all VPCs
• Ensure a log metric filter and alarm exist for S3 bucket policy changes

CIS Control 6 1

• Ensure CloudTrail logs are encrypted at rest using KMS CMKs

CIS Control 14.6 1

• Ensure the S3 bucket used to store CloudTrail logs is not publicly accessible

AWS - HIPAA 10

• Check if S3 buckets have server access logging enabled
• Enable S3 buckets have Object-level logging enabled in CloudTrail
• Ensure there are no EBS Snapshots set as Public
• Ensure there are no Security Groups not being used
• Ensure Elastic Load Balancers have logging enabled

View all 10

Controls 1

• HIPAA 164.312(e)(2)(ii) - Encryption

Privacy Rule 1

• HIPAA 164.310(d)(2)(iii) - Accountability

Security Rule 27

• HIPAA 164.308(a)(3)(i) - Workforce security
• HIPAA 164.310(d)(2)(i) - Disposal
• HIPPA 164.310(d)(2)(iv) - Data backup and storage
• HIPAA 164.308(a)(3)(ii)(C) - Termination procedures
• HIPAA 164.308(a)(3)(ii)(B) - Workforce clearance procedure

View all 27

Patient Rights 9

• 164.312(a)(2)(ii) - Emergency access procedure
• 164.310(d)(2)(ii) Media re-use
• 164.310(c) - Workstation security
• 164.310(b) Workstation use
• 163.310(a)(2)(iv) - Maintenance records

View all 9

Business Associate Agreements 1

• 164.308(a)(7)(ii)(D) - Testing and revision procedures

Enforcement Rule 11

• 164.312(a)(1) - Access control
• 164.312(a)(2)(iv) - Encryption and decryption
• 164.312(e)(1) - Transmission security
• 164.312(e)(2)(i) - Integrity controls
• 164.312(e)(2)(ii) - Encryption

View all 11

Breach Notification Rule 3

• 164.308(a)(1)(ii)(C)- Sanction policy
• 164.308(a)(7)(ii)(C)- Emergency mode operation plan
• 164.308(a)(7)(ii)(E)- Applications and data criticality analysis