• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1374
  • Last Modified:

HIPAA Compliance for Active Directory

I've looked everywhere but can't seem to find any information, or valid templates, that I can use to configure Microsoft Active Directory to make it HIPAA compliant. Therefore the question is, does anyone have a site or information that I can use to configure Group Policy in Active Directory to affect users and computers that will be HIPAA compliant?

Any help would be greatly appreciated.
1 Solution
The HIPAA requirements are very vague at best. There is not set standard really. Personally I have the following setup for my clients that must comply with the HIPAA standards.
Every use has their own logon/password
They are only granted access to what they need and more more
They are required to change their password every 3 months
All tape backup are encrypted
The servers are stored in a locked room with limited access
Firewalls are setup to only let the required traffic in
Thats basically what I have done. One thing to do is document every security measure you use to comply with the HIPAA standards just in case you get an audit.
I hope this helps. Good luck.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now