|
List Name |
List Description |
Type |
List ID |
|---|---|---|---|
|
HSS: Parent Entities |
This list contains all Parent Entities associated with HIPAA, HITECH, and PI. |
Entity |
-2503 |
|
HSS: Physical Access Systems |
This list is designated for all entities that fall under this category. (HIPAA) |
Entity |
-2504 |
|
HSS: Data Storage Systems |
This list is designated for all entities that fall under the specified category. (HIPAA) |
Entity |
-2505 |
|
HSS: Network Devices |
This list is designated for all entities that fall under the specified category. (HIPAA) |
Entity |
-2506 |
|
HSS: Workstations |
This list is designated for all entities that fall under the specified category. (HIPAA) |
Entity |
-2507 |
|
HSS: Production Servers |
This list is designated for all entities that fall under the specified category. (HIPAA) |
Entity |
-2508 |
|
HSS: Remote Access Systems |
This list is designated for all entities that fall under the specified category. (HIPAA) |
Entity |
-2509 |
|
HSS: Security Systems |
This list is designated for all entities that fall under the specified category. (HIPAA) |
Entity |
-2510 |
|
HSS: Test Systems |
This list is designated for all entities that fall under the specified category. (HIPAA) |
Entity |
-2511 |
|
HSS: Covered Entity IPs |
All known IP addresses that are associated with covered entities should be added to this list. (HITECH) |
Host |
-2512 |
|
HSS: Threat IPs |
This list contains lists from the Threat Intelligence Service Module, and should be used to black list other threatening host IPs. (HITECH) |
Host |
-2513 |
|
HSS: Certified EHR Technologies |
All in-scope systems that qualify as official certified EHR technologies (PI) |
Log Source |
-2514 |
|
HSS: File Integrity Monitoring Systems |
Systems that generate file integrity monitoring logs should populate this list. (HITECH) |
Log Source |
-2515 |
|
HSS: Systems Containing ePHI |
All systems containing any level of ePHI belong in this list. (HITECH) |
Log Source |
-2516 |
|
HSS: All Network and System Access Log Sources |
All systems that log network traffic, including but not limited to firewalls, proxy systems, routers, switches, VPN access points, Active Directory and other related systems belong in this list. (HITECH) |
Log Source |
-2517 |
|
HSS: ePHI Associated Applications |
Applications associated with ePHI and EHR belong in this list. (M/H/H) |
Application |
-2518 |
|
HSS: Primary Eligible Professionals |
This list is for signed and designated eligible professionals who write MORE than 100 prescriptions per reporting period. (PI) |
User |
-2519 |
|
HSS: Secondary Eligible Professionals |
This list is for signed and designated eligible professionals who write LESS than 100 prescriptions per reporting period. (PI) |
User |
-2520 |
|
HSS: Business Associates |
Business associate, vendor accounts should be listed here. (HITECH) |
User |
-2521 |
|
HSS: Test Accounts |
Any account utilized for testing purposes belongs here. (HITECH) |
User |
-2522 |
|
HSS: Privileged Accounts |
Populate this list with privileged accounts, especially accounts that have access to ePHI data. (H/H) |
User |
-2523 |
|
HSS: Terminated Accounts |
Accounts that have been disabled or terminated should be added to this list. (H/H) |
User |
-2524 |
|
HSS: Role Based Accounts |
Role based accounts are to be utilized only with the access of an associated unique identifier. Add role based accounts to this list. (H/H) |
User |
-2525 |
|
HSS: Web Access Accounts |
Accounts used for website access belong in this list. (H/H) |
User |
-2526 |
|
HSS: DMZ Networks |
This is designated for DMZ networks. |
Network |
-2527 |
|
HSS: Internal Networks |
Internal non-DMZ networks belong here. |
Network |
-2528 |
|
HSS: Wireless Networks |
Wireless networks should be added here. |
Network |
-2529 |
|
HSS: Protected Networks |
List protected ePHI networks here. |
Network |
-2530 |
|
HSS: Testing Networks |
Test network environments should be added here. |
Network |
-2531 |