HIPAA 164.312(c)(1)—Integrity Controls

The Health Insurance Portability and Accountability Act (HIPAA) Security Audit reports show available documentation and compliance artifacts that help you demonstrate compliance with requirements of the HIPAA Security Rule, as outlined in the HIPAA Audit Protocol.

This report provides guidance on how to use and access your File Integrity Monitoring (FIM) features to help you demonstrate compliance with HIPAA 164.312(c)(1).

To access the HIPAA 164.312(c)(1) report:

  1. In the Alert Logic console, click the menu icon (), and then click Validate.
  2. Click Reports, and then click Compliance.
  3. Under HIPAA Security Audit, click VIEW.
  4. Click HIPAA 164.312(c)(1) - Integrity Controls.

The report summary page displays two columns. HIPAA Audit Protocol lists each audit protocol inquiry for testing the selected HIPAA Security Rule requirement. Available Documentation and Artifacts describes, and contains links to, the documentation and compliance artifacts that this report can generate for each protocol.

Filter the Report

To refine your findings, you can filter your report by date range and customer account.

Filter the report using drop-down menus

By default, Alert Logic includes (All) values for most filters in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Schedule the report

After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.

Available documentation and artifacts

This report provides documentation and artifacts that help you demonstrate that policies and procedures are implemented to protect health information from improper alteration or destruction.

Policies and procedures for ePHI alteration and destruction

This HIPAA Audit Protocol requires you to demonstrate that you have policies and procedures in place to protect ePHI from improper alteration or destruction.

Alert Logic does not provide data for this testing procedure. You must provide the policy and procedure documents for this audit.

Evaluate implemented integrity controls

This HIPAA Audit Protocol requires a review and evaluation of the policies and procedures that demonstrate that the implementation of the procedural mechanisms appropriately protects the entity's ePHI from improper alteration or destruction.

Alert Logic does not provide data for this testing procedure. You must provide the policy and procedure documents for this audit.

Evaluate and determine proper protection and processes in place

This HIPAA Audit Protocol requires a review of the documentation that demonstrates processes protecting ePHI from improper alteration or destruction, and an evaluation of proper protection and determine processes in place to protect ePHI correlates with safeguards identify in integrity control policies and procedures.

This section includes a link for quick access to the Deployments page in the Alert Logic console where you can access the File Integrity Monitoring feature to view the current configuration for monitoring specific file paths.

This section also includes a link for quick access to the File Integrity Monitoring Dashboard in the Alert Logic console where you can view or export file monitoring events.