encryption

encryption Controls

9 controls across 4 frameworks.

CISA CPG

Sensitive data at rest is encrypted using current standards

Data Security / Data Security

Full-disk encryption is enforced on all endpoints and portable storage

Device Security / Device Security

Implement physical safeguards for all workstations that access ePHI to restrict access to authorized users

Physical Safeguards / Workstation Security

Implement technical policies and procedures to allow access to ePHI only to authorized persons or software programs

Technical Safeguards / Access Control

Implement policies and procedures to protect ePHI from improper alteration or destruction

Technical Safeguards / Integrity

Implement technical security measures to guard against unauthorized access to ePHI transmitted over electronic communications networks

Technical Safeguards / Transmission Security

The confidentiality, integrity, and availability of data-at-rest are protected

Protect / Data Security

The confidentiality, integrity, and availability of data-in-transit are protected

Protect / Data Security

Sensitive data is protected during transmission and storage

Security / Logical and Physical Access