Security Awareness and Training - Protection from Malicious Software, v1.0
Specifies that a health care related organization must implement procedures for guarding against, detecting, and reporting malicious software.
Assessment Step
1
Malicious Software Protection (MaliciousSoftwareProtection)
Does the covered entity or business associate have procedures for guarding against, detecting, and reporting malicious software?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
|
A covered entity or business associate must perform these requirements in accordance with Section 164.306 (Security standards: General rules).
Conformance Criteria (1)
Malicious Software Protection
The covered entity or business associate must implement procedures for guarding against, detecting, and reporting malicious software.
Citations
HIPAA-Security-Rule
45 CFR Section 164.308(a)(5)(ii)(B)
HIPAA-Security-Rule
45 CFR Section 164.306
|