Healthcare Security – Reports and Reporting Packages
Summary Report Name | Report Description | Report ID | Directly Meet Requirements | Augment Requirements | Data Source | Classification | Intelligent Indexing | Log Sources |
|---|---|---|---|---|---|---|---|---|
HSS: Account Lockout Summary | This report summarizes account lockouts by Impacted Host. Direct: §164.312(b) Augment: §164.312(a)(1) | 1565 | §164.312(b) | §164.312(a)(1) | LogMart | No | Audit | Include All Log Sources |
HSS: Account Management Activity | This report summarizes all account management activity for production systems. Direct: §164.312(b) Augment: §164.312(a)(1), §164.308(a)(3) | 1566 | §164.312(b) | §164.312(a)(1), §164.308(a)(3) | LogMart | No | Audit | Include All Log Sources |
HSS: Alarm And Response Activity | This report details all alarms affecting selected systems. The report lists events, notifications, and response activity associated with each alarm by Entity and Day. Direct: §164.312(b) | 1567 | §164.312(b) | N/A | Platform Manager | No | Event Management | Include All Log Sources |
HSS: Applications Accessed By User | This report provides information about user accessed applications. Direct: §164.312(b) Augment: §164.308(a)(3) | 1568 | §164.312(b) | §164.308(a)(3) | Log Manager(s) | No | Operations | Include All Log Sources |
HSS: Attacks Detected | This report provides a summary of detected attacks by Entity and Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1569 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Audit Failure By Host | This report provides information about failed access and logins by Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1570 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Audit | Include All Log Sources |
HSS: Audit Failure By User | This report provides information about access and authentication failures by user. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(3), §13405(c), §495.6(d)(15) | 1571 | §164.312(b) | §164.308(a)(1), §164.308(a)(3), §13405(c), §495.6(d)(15) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Compromises Detected | This report provides a summary of detected compromises of security by Entity and Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | 1572 | §164.312(b) | §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Default Account Summary | This report provides information about when a default account has been used. Direct: §164.312(b) Augment: §164.312(a)(1) | 1573 | §164.312(b) | §164.312(a)(1) | LogMart | No | Audit | Include All Log Sources |
HSS: Disabled Accounts | This report summarizes disabled account activity for all production systems. Direct: §164.312(b) Augment: §164.312(a)(1) | 1574 | §164.312(b) | §164.312(a)(1) | LogMart | No | Audit | Include All Log Sources |
HSS: Failed Application Access | This report summarizes failed access attempts by Impacted Application. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1575 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Audit | Include All Log Sources |
HSS: Failed File Access | This report provides a summary of failed file access. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1576 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | Log Manager(s) | No | Audit | Include All Log Sources |
HSS: Failed Host Access | This report provides a summary of failed logins by Origin Host. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1577 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Audit | Include All Log Sources |
HSS: File Integrity Monitor Summary | This report provides summary information on data generated by the LogRhythm File Integrity Monitor. Events are grouped by Entity, Impacted Host, Common Event, and Object with a count of how many times that condition has been experienced within the reporting period. Direct: §164.312(b) Augment: §164.312(c)(1) | 1580 | §164.312(b) | §164.312(c)(1) | Log Manager(s) | No | Security | HSS: File Integrity Monitoring Systems |
HSS: Host Access Granted And Revoked | This report summarizes all access granted and revoked for production systems. Direct: §164.312(b) Augment: §164.312(a)(1) | 1581 | §164.312(b) | §164.312(a)(1) | LogMart | No | Audit | Include All Log Sources |
HSS: Host Change Summary | This report summarizes change activity for production systems. Direct: §164.312(b) | 1582 | §164.312(b) | N/A | Log Manager(s) | No | Audit | Include All Log Sources |
HSS: Logout Summary | This report summarizes all user logouts. Direct: §164.312(b) Augment: §164.312(a)(1) | 1583 | §164.312(b) | §164.312(a)(1) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: LogRhythm Data Loss Defender Log Summary | This report provides summary information on data generated by the LogRhythm Data Loss Defender. Data is grouped by Entity, Impacted Host, Common Event, and Object with a count of how many times that condition has been experienced within the reporting period. Direct: §164.312(b) Augment: §164.312(e)(1), §164.308(a)(4), §164.308(a)(6) | 1586 | §164.312(b) | §164.312(e)(1), §164.308(a)(4), §164.308(a)(6) | LogMart | No | Audit | Include All Log Sources |
HSS: Malware Detected | This report summarizes detected malware by Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | 1587 | §164.312(b) | §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | Log Manager(s) | No | Security | Include All Log Sources |
HSS: New Account Summary | This report summarizes new account activity for all production systems. Direct: §164.312(b) Augment: §164.312(a)(1) | 1588 | §164.312(b) | §164.312(a)(1) | LogMart | No | Audit | Include All Log Sources |
HSS: Object Access Summary | This report summarizes object access by Impacted Host. Direct: §164.312(b) | 1589 | §164.312(b) | N/A | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Security Event Summary | This report provides a summary of security relevant events by Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1590 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Security Event Summary | This report provides a summary of security relevant events by Origin Host. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1591 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Security Event Summary | This report provides a summary of security relevant events by Impacted Application. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1592 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Security Event Summary | This report summarizes detected security relevant events by Entity and Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1593 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Suspicious Activity By Host | This report provides a summary of detected suspicious activity by Entity and Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | 1594 | §164.312(b) | §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Suspicious Activity By User | This report provides a summary of suspicious activities by login or account. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | 1595 | §164.312(b) | §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: System Critical And Error Conditions | This report summarizes critical and error conditions for production servers and network infrastructure devices. Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(1), §164.308(a)(7), §13405(c), §495.6(d)(15) | 1596 | §164.312(b) | §164.310(d), §164.308(a)(1), §164.308(a)(7), §13405(c), §495.6(d)(15) | LogMart | No | Operations | Include All Log Sources |
HSS: System Startup And Shutdown | This report lists startup and shutdown activity for production servers and network infrastructure systems. Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(7) | 1597 | §164.312(b) | §164.310(d), §164.308(a)(7) | LogMart | No | Audit | Include All Log Sources |
HSS: Terminated Account Summary | This report summarizes terminated account activity for production systems. Direct: §164.312(b) Augment: §164.312(a)(1), §164.308(a)(3) | 1598 | §164.312(b) | §164.312(a)(1), §164.308(a)(3) | LogMart | No | Audit | Include All Log Sources |
HSS: Top Attackers | This report lists all attackers ordered by the number of events detected highest to lowest. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | 1599 | §164.312(b) | §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Top Suspicious Users | This report lists all users generating suspicious activity ordered by the number of events detected highest to lowest. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | 1600 | §164.312(b) | §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | Data Processor(s) | No | Security | Include All Log Sources |
HSS: Top Targeted Hosts | This report lists all hosts targeted for attack ordered by the number of events detected highest to lowest. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | 1601 | §164.312(b) | §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Top Targeted Applications | This report lists all applications targeted for attack ordered by the number of events detected highest to lowest. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | 1602 | §164.312(b) | §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Use Of Non-Encrypted Protocols | This report lists any use of non-encrypted protocols. Direct: §164.312(b) Augment: §164.312(e)(1), §164.308(a)(4) | 1605 | §164.312(b) | §164.312(e)(1), §164.308(a)(4) | LogMart | No | Audit | Include All Log Sources |
HSS: User Authentication Summary | This report provides reporting on successful and failed authentications to services and applications. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(3), §13405(c), §495.6(d)(15) | 1606 | §164.312(b) | §164.308(a)(1), §164.308(a)(3), §13405(c), §495.6(d)(15) | LogMart | No | Audit | Include All Log Sources |
HSS: User Misuse Summary | This report summarizes detected misuse by user. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | 1607 | §164.312(b) | §164.308(a)(1), §164.308(a)(6), §13405(c), §495.6(d)(15) | Data Processor(s) | No | Security | Include All Log Sources |
HSS: User Object Access Summary | This report summarizes successful object access activity by user. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1608 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Vulnerabilities Detected | This report provides a summary of detected vulnerabilities. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1609 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Security | Include All Log Sources |
HSS: Top Hosts Experiencing Errors | This report provides a summary of hosts experiencing errors. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | 1610 | §164.312(b) | §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | LogMart | No | Operations | Include All Log Sources |
HSS: Top Applications Experiencing Errors | This report provides a summary of applications experiencing errors. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | 1611 | §164.312(b) | §164.308(a)(1), §164.308(a)(8), §164.314(b)(1), §13405(c), §13411, §495.6(d)(15) | LogMart | No | Operations | Include All Log Sources |
HSS: Eligible Professional Activity Summary-Event | This report will generate a list of Eligible Professional activity based on the users specified in the primary and secondary "Eligible Professional" lists. The report is grouped by Common Event, then Login. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(1), §495.6(d)(2), §495.6(d)(4), §495.6(d)(11), §495.6(d)(12), §495.6(d)(14), §495.6(d)(15), §495.6(e)(9), §495.6(e)(10), §495.6(e)(1), §495.6(e)(5) | 1612 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(1), §495.6(d)(2), §495.6(d)(4), §495.6(d)(11), §495.6(d)(12), §495.6(d)(14), §495.6(d)(15), §495.6(e)(9), §495.6(e)(10), §495.6(e)(1), §495.6(e)(5) | LogMart | No | Audit | Include All Log Sources |
HSS: Eligible Professional Activity Summary-Login | This report will generate a list of Eligible Professional activity based on the users specified in the primary and secondary "Eligible Professional" lists. The report is grouped by Login, then Common Event. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(1), §495.6(d)(2), §495.6(d)(4), §495.6(d)(11), §495.6(d)(12), §495.6(d)(14), §495.6(d)(15), §495.6(e)(9), §495.6(e)(10), §495.6(e)(1), §495.6(e)(5) | 1613 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(1), §495.6(d)(2), §495.6(d)(4), §495.6(d)(11), §495.6(d)(12), §495.6(d)(14), §495.6(d)(15), §495.6(e)(9), §495.6(e)(10), §495.6(e)(1), §495.6(e)(5) | LogMart | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Auth Failure Summary | This report provides summary information around Business Associate (user list) authentication failure from Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1614 | §164.312(b) | §13402(b), §13405(b), §13411 | Platform Manager | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Auth Success Summary | This report provides summary information around Business Associate (user list) authentication success from Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1615 | §164.312(b) | §13402(b), §13405(b), §13411 | LogMart | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Access Failure Summary | This report provides summary information around Business Associate (user list) access failure from Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1616 | §164.312(b) | §13402(b), §13405(b), §13411 | Platform Manager | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Access Success Summary | This report provides summary information around Business Associate (user list) access success from Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1617 | §164.312(b) | §13402(b), §13405(b), §13411 | LogMart | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Disabled/Enabled Summary | This report provides summary information when a Business Associate (user list) has access revoked (disabled) or granted (enabled) across Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1618 | §164.312(b) | §13402(b), §13405(b), §13411 | Platform Manager | No | Audit | Include All Log Sources |
HSS: Business Associate UAM Summary | This report provides a summary of various access modifications to Business Associates (use list) occurring within all Healthcare Security Compliance Automation Suite parent entities (entity structure). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1619 | §164.312(b) | §13402(b), §13405(b), §13411 | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Ineligible EHR Account Access Summary | This report provides summary information around access success for Eligible Professionals (user lists) within the certified EHR technology scope (log source list). Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(3), §13405(c), §495.6(d)(15) | 1620 | §164.312(b) | §164.308(a)(1), §164.308(a)(3), §13405(c), §495.6(d)(15) | LogMart | No | Audit | HSS: Certified EHR Technologies |
HSS: ePHI Threat IP Activity Summary | This report provides a summary of threat IP activity by Entity and Impacted Host. Direct: §164.312(b) Augment: §164.312(d), §164.312(e)(1), §164.308(a)(4) | 1621 | §164.312(b) | §164.312(d), §164.312(e)(1), §164.308(a)(4) | LogMart | No | Security | HSS: Systems Containing ePHI |
HSS: Unapproved ePHI Account Access Summary | This report provides summary information around access and authentication success for users who are not included in the active Healthcare Security Compliance Automation Suite user lists within the Systems Containing ePHI (log source list). Direct: §164.312(b) Augment: §164.312(a)(1), §164.308(a)(3) | 1622 | §164.312(b) | §164.312(a)(1), §164.308(a)(3) | LogMart | No | Audit | HSS: Systems Containing ePHI |
HSS: Workstation Device Driver Summary | This report is designed to provide a summary of general workstation device driver activity, including but not limited to driver failure and success. Direct: §164.312(b) Augment: §164.310(b), §164.310(c) | 1623 | §164.312(b) | §164.310(b), §164.310(c) | Data Processor(s) | No | Operations | Include All Log Sources |
HSS: Physical Security Auth Activity Summary | This reports on physical security authentication, showing up within the Healthcare Security Compliance Automation Suite environment. The Physical Access Systems list needs to be populated for this report to work properly. Direct: §164.312(b) Augment: §164.310(a)(1) | 1624 | §164.312(b) | §164.310(a)(1) | Platform Manager | No | Audit | Include All Log Sources |
HSS: Suspicious EHR System Activity | This report provides a summary of detected suspicious activity by Entity and Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §13405(c), §495.6(d)(15) | 1626 | §164.312(b) | §164.308(a)(1), §13405(c), §495.6(d)(15) | LogMart | No | Security | HSS: Certified EHR Technologies |
HSS: AIE Rule Summary | This report provides a summary of AI Engine rule activity for the Healthcare Security Compliance Automation Suite (HIPAA/HITECH/Promoting Interoperability). Direct: §164.312(b) Augment: §164.308(a)(8), §13411 | 1627 | §164.312(b) | §164.308(a)(8), §13411 | Platform Manager | No | Security | Include All Log Sources |
HSS: Backup Activity Summary | This report provides a summary of activity from backup events across Systems Containing ePHI (log source list). Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(7), §164.316(b)(1) | 1628 | §164.312(b) | §164.310(d), §164.308(a)(7), §164.316(b)(1) | Log Manager(s) | No | Operations | HSS: Systems Containing ePHI |
HSS: ePHI and Backup System Failure/Error Summary | This report provides a summary of critical and error messages received from Systems Containing ePHI (log source list), including, but not limited to backup failures. Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(7), §164.316(b)(1) | 1629 | §164.312(b) | §164.310(d), §164.308(a)(7), §164.316(b)(1) | Log Manager(s) | No | Operations | HSS: Systems Containing ePHI |
HSS: AIE Backup Failure Alert Summary | This reports on AI Engine backup failure alerts from Systems Containing ePHI (log source list). The Backup Failure Alert AI Engine rule must be enabled for this report. Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(7), §164.316(b)(1) | 1630 | §164.312(b) | §164.310(d), §164.308(a)(7), §164.316(b)(1) | Platform Manager | No | Operations | HSS: Systems Containing ePHI |
HSS: TST Access Failure Summary | This report provides summary information around access failures for accounts within the test systems (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1631 | §164.312(b) | §13201(a), §13201(b) | Platform Manager | No | Audit | Include All Log Sources |
HSS: TST Access Success Summary | This report provides summary information around access success for accounts within the test systems (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1632 | §164.312(b) | §13201(a), §13201(b) | LogMart | No | Audit | Include All Log Sources |
HSS: TST Authentication Failure Summary | This report provides summary information around authentication failures across test systems (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1633 | §164.312(b) | §13201(a), §13201(b) | Platform Manager | No | Audit | Include All Log Sources |
HSS: TST Authentication Success Summary | This report provides summary information around authentication success across test systems (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1634 | §164.312(b) | §13201(a), §13201(b) | LogMart | No | Audit | Include All Log Sources |
HSS: TST Environment Error Summary | This report provides summary details around critical or error messages received from test servers or systems (entity structure) to support change management procedures. Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1635 | §164.312(b) | §13201(a), §13201(b) | Platform Manager | No | Operations | Include All Log Sources |
HSS: TST Priv Acct Authentication Summary | This report provides summary information around authentication success and failures for defined privileged and test accounts (lists) within the test environments (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1636 | §164.312(b) | §13201(a), §13201(b) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: TST AIE Summary | This reports on Healthcare Security Compliance Automation Suite AI Engine rule activity, within the test environment (entity list). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1637 | §164.312(b) | §13201(a), §13201(b) | Platform Manager | No | Operations | Include All Log Sources |
Detailed Report Name | Report Description | Report ID | Directly Meet Requirements | Augment Requirements | Data Source | Classification | Intelligent Indexing | Log Sources |
|---|---|---|---|---|---|---|---|---|
HSS: File Integrity Monitor Log Detail | This report provides limited details on data generated by the LogRhythm File Integrity Monitor. Events are grouped by Entity, Impacted Host, and Date. Direct: §164.312(b) Augment: §164.312(c)(1) | 1578 | §164.312(b) | §164.312(c)(1) | Platform Manager | No | Security | HSS: File Integrity Monitoring Systems |
HSS: File Integrity Monitor Log Detail | This report provides detailed information on data generated by the LogRhythm File Integrity Monitor. Events are grouped by Entity, Impacted Host, Date, Common Event, Object, and Size. Direct: §164.312(b) Augment: §164.312(c)(1) | 1579 | §164.312(b) | §164.312(c)(1) | Data Processor(s) | No | Security | HSS: File Integrity Monitoring Systems |
HSS: LogRhythm Data Loss Defender Log Detail | This report provides details on data generated by the LogRhythm Data Loss Defender. Data is grouped by Entity, Impacted Host, Date, Common Event, Object, and Size. Direct: §164.312(b) Augment: §164.312(e)(1), §164.308(a)(4), §164.308(a)(6) | 1584 | §164.312(b) | §164.312(e)(1), §164.308(a)(4), §164.308(a)(6) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Usage Auditing Event Detail | This report provides detail usage activity by Date. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(3), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | 1603 | §164.312(b) | §164.308(a)(1), §164.308(a)(3), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | Platform Manager | No | Log Management | Include All Log Sources |
HSS: Usage Auditing Event Detail | This report provides detail usage activity by User. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(3), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | 1604 | §164.312(b) | §164.308(a)(1), §164.308(a)(3), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | Platform Manager | No | Log Management | Include All Log Sources |
HSS: Account Management Activity Detail | This report details all account management activity for production systems. Direct: §164.312(b) Augment: §164.312(a)(1), §164.308(a)(8), §13411 | 1638 | §164.312(b) | §164.312(a)(1), §164.308(a)(8), §13411 | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Host Access Granted And Revoked Detail | This report details all access granted and revoked for production systems. Direct: §164.312(b) Augment: §164.312(a)(1) | 1639 | §164.312(b) | §164.312(a)(1) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Malware Detected Detail | This report details detected malware by Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(6), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | 1640 | §164.312(b) | §164.308(a)(1), §164.308(a)(6), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | Data Processor(s) | No | Security | Include All Log Sources |
HSS: Security Event by Log Source Ent Detail | This report provides details of security relevant events by Impacted Host. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | 1641 | §164.312(b) | §164.308(a)(1), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | Data Processor(s) | No | Security | Include All Log Sources |
HSS: System Startup And Shutdown Detail | This report lists startup and shutdown details for production servers and network infrastructure systems. Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(7) | 1642 | §164.312(b) | §164.310(d), §164.308(a)(7) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Terminated Account Detail | This report details terminated account activity for production systems. Direct: §164.312(b) Augment: §164.312(a)(1), §164.308(a)(3) | 1643 | §164.312(b) | §164.312(a)(1), §164.308(a)(3) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Use Of Non-Encrypted Protocol Detail | This report lists any use of non-encrypted protocols. Direct: §164.312(b) Augment: §164.312(e)(1), §164.308(a)(4) | 1644 | §164.312(b) | §164.312(e)(1), §164.308(a)(4) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Vulnerabilities Detected Detail | This report provides details of detected vulnerabilities. Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | 1645 | §164.312(b) | §164.308(a)(1), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | Data Processor(s) | No | Security | Include All Log Sources |
HSS: Covered Entity Acct Auth Failure Detail | This report provides detail information around Business Associate (user list) authentication failure from Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1646 | §164.312(b) | §13402(b), §13405(b), §13411 | Platform Manager | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Auth Success Detail | This report provides detail information around Business Associate (user list) authentication success from Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1647 | §164.312(b) | §13402(b), §13405(b), §13411 | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Access Failure Detail | This report provides detail information around Business Associate (user list) access failure from Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1648 | §164.312(b) | §13402(b), §13405(b), §13411 | Platform Manager | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Access Success Detail | This report provides detail information around access success for vendor accounts (list) within the Critical and Production environments (entity structure). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1649 | §164.312(b) | §13402(b), §13405(b), §13411 | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Covered Entity Acct Disabled/Enabled Detail | This report provides detail information when a Business Associate (user list) has access revoked (disabled) or granted (enabled) across Covered Entity IPs (host list). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1650 | §164.312(b) | §13402(b), §13405(b), §13411 | Platform Manager | No | Audit | Include All Log Sources |
HSS: Business Associate UAM Detail | This report provides a detail of various access modifications to Business Associates (use list) occurring within all Healthcare Security Compliance Automation Suite parent entities (entity structure). Direct: §164.312(b) Augment: §13402(b), §13405(b), §13411 | 1651 | §164.312(b) | §13402(b), §13405(b), §13411 | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: Ineligible EHR Account Access Detail | This report provides detail information around access success for Eligible Professionals (user lists) within the certified EHR technology scope (log source list). Direct: §164.312(b) Augment: §164.308(a)(1), §164.308(a)(3), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | 1652 | §164.312(b) | §164.308(a)(1), §164.308(a)(3), §164.308(a)(8), §13405(c), §13411, §495.6(d)(15) | Data Processor(s) | No | Audit | HSS: Certified EHR Technologies |
HSS: Unapproved ePHI Account Access Detail | This report provides detail information around access and authentication success for users who are not included in the active Healthcare Security Compliance Automation Suite user lists within the Systems Containing ePHI (log source list). Direct: §164.312(b) Augment: §164.312(a)(1), §164.308(a)(3), §164.308(a)(8), §13411 | 1653 | §164.312(b) | §164.312(a)(1), §164.308(a)(3), §164.308(a)(8), §13411 | Data Processor(s) | No | Audit | HSS: Systems Containing ePHI |
HSS: Physical Security Auth Activity Detail | This reports on physical security authentication, showing up within the Healthcare Security Compliance Automation Suite environment. The Physical Access Systems list needs to be populated for this report to work properly. Direct: §164.312(b) Augment: §164.310(a)(1) | 1654 | §164.312(b) | §164.310(a)(1) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: AIE Physical Security Auth Detail | This reports on AI Engine details from the associated Healthcare Security Compliance Automation Suite physical access security rule. Note that querying AI Engine events requires the platform manager to be selected as the data source. Direct: §164.312(b) Augment: §164.310(a)(1) | 1655 | §164.312(b) | §164.310(a)(1) | Platform Manager | No | Audit | Include All Log Sources |
HSS: Backup Activity Detail | This report provides a detail of activity from backup events across Systems Containing ePHI (log source list). Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(7), §164.316(b)(1) | 1656 | §164.312(b) | §164.310(d), §164.308(a)(7), §164.316(b)(1) | Data Processor(s) | No | Operations | HSS: Systems Containing ePHI |
HSS: ePHI and Backup System Failure/Error Detail | This report provides details of critical and error messages received from Systems Containing ePHI (log source list), including, but not limited to backup failures. Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(7), §164.316(b)(1) | 1657 | §164.312(b) | §164.310(d), §164.308(a)(7), §164.316(b)(1) | Data Processor(s) | No | Operations | HSS: Systems Containing ePHI |
HSS: AIE Backup Failure Alert Detail | This reports on AI Engine backup failure alerts from Systems Containing ePHI (log source list). The Backup Failure Alert AI Engine rule must be enabled for this report. Direct: §164.312(b) Augment: §164.310(d), §164.308(a)(7), §164.316(b)(1) | 1658 | §164.312(b) | §164.310(d), §164.308(a)(7), §164.316(b)(1) | Platform Manager | No | Operations | HSS: Systems Containing ePHI |
HSS: TST Access Failure Detail | This report provides detail information around access failures for accounts within the test systems (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1659 | §164.312(b) | §13201(a), §13201(b) | Platform Manager | No | Audit | Include All Log Sources |
HSS: TST Access Success Detail | This report provides summary information around access success for accounts within the test systems (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1660 | §164.312(b) | §13201(a), §13201(b) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: TST Authentication Failure Detail | This report provides detail information around authentication failures across test systems (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1661 | §164.312(b) | §13201(a), §13201(b) | Platform Manager | No | Audit | Include All Log Sources |
HSS: TST Environment Error Detail | This report provides details around critical or error messages received from test servers or systems (entity structure) to support change management procedures. Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1663 | §164.312(b) | §13201(a), §13201(b) | Data Processor(s) | No | Audit | Include All Log Sources |
HSS: TST Priv Acct Authentication Detail | This report provides details around authentication success and failures for defined privileged and test accounts (lists) within the test environments (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1664 | §164.312(b) | §13201(a), §13201(b) | Platform Manager | No | Operations | Include All Log Sources |
HSS: TST Authentication Success Detail | This report provides details around authentication success across test systems (entity structure). Direct: §164.312(b) Augment: §13201(a), §13201(b) | 1665 | §164.312(b) | §13201(a), §13201(b) | Data Processor(s) | No | Audit | Include All Log Sources |
Report Package Name | Report Package Description | Report Package ID |
|---|---|---|
HSS: Monthly Executive Reporting Package | This reporting package includes log summary reports to depict high-level overviews of critical Healthcare Security Compliance Automation Suite activities within the environment. This package should be catered to a Director or Executive level audience. This is configured to run on a monthly basis. | 69 |
HSS: Daily IT Ops Reporting Package | This reporting package includes summary reports to assist with IT operations and is run on a daily basis. | 70 |
HSS: Daily IT Security Report Package | This reporting package includes summary reports to assist with IT security activities and is run on a daily basis. | 71 |
HSS: Weekly Audit Reports | This report package contains a weekly collection of reports designed to meet a variety of HIPAA, HITECH, and Promoting Interoperability requirements. | 72 |
HSS: Weekly Eligible Professional Reports | This report package contains a weekly collection of reports designed to meet a variety of HIPAA, HITECH, and Promoting Interoperability requirements. | 73 |
HSS: Weekly Covered Entity Reports | This report package contains a weekly collection of reports designed to meet a variety of HIPAA, HITECH, and Promoting Interoperability requirements. | 74 |