Home
Articles
Docs
About
Contact
Back to HECVAT v4.1.0
HIPA
HIPAA Compliance
Question ID
Question
Importance
Weight
HIPA-29
Data Backup & Retention for HIPAA
Critical
10
HIPA-28
Business Associate Agreement (BAA) Readiness
Critical
10
HIPA-27
HIPAA Compliance Attestation Documents
Critical
10
HIPA-26
Disaster Recovery & Emergency Operations
Critical
10
HIPA-25
External Storage of Application Logs
Critical
10
HIPA-24
Application Log Archival Capabilities
Critical
10
HIPA-23
Access & Change Log Retention Periods
Critical
10
HIPA-22
Administrative Activity Logging Requirements
Critical
10
HIPA-21
User Access Logging & Tracking
Critical
10
HIPA-20
Remote Support Account Security
Critical
10
HIPA-19
User Group Assignment Limitations
Critical
10
HIPA-18
Role-Based Record Access Control
Critical
10
HIPA-17
Granular Administrative Permissions
Critical
10
HIPA-16
User Access Level Configuration
Critical
10
HIPA-15
Institution Password Control
Critical
10
HIPA-14
Password Encryption & Protection
Critical
10
HIPA-13
Automatic Session Timeout Controls
Critical
10
HIPA-12
Failed Login Account Lockout
Critical
10
HIPA-11
Mandatory Password Reset Requirements
Critical
10
HIPA-10
90-Day Password Rotation Policy
Critical
10
HIPA-09
Risk Mitigation Implementation
Critical
10
HIPA-08
HIPAA Security Rule Risk Analysis
Critical
10
HIPA-07
HITECH Act Compliance Requirements
Critical
10
HIPA-06
HIPAA Privacy & Security Officers
Critical
10
HIPA-05
HIPAA Regulatory Change Monitoring
Critical
10
HIPA-04
Subcontractor BAA Requirements
Critical
10
HIPA-03
Policy and Plan Testing Verification
Critical
10
HIPA-02
Risk Area Identification Process
Critical
10
HIPA-01
HIPAA Workforce Training Programs
Critical
10
Showing 29 of 29 questions
Ready to unlock your education sales?
100% focus
Right-sized programs that fit your budget
From assessment to implementation
