Question HIPA-20
Does the application log administrative activity, such user account access changes and password changes, including specific user, date/time of changes, and originating IP or device?
Weight | 20 |
High Risk | No |
Required | No |
Compliant Answer | Yes |
Standard Guidance
Refer to HIPAA regulations documentation for supplemental guidance in this section.
Answering "NO"
EDUCAUSE provides no guidance here
Answering "YES"
EDUCAUSE provides no guidance here
Reason for Question
HIPAA
Follow-Up Inquiries
Refer to HIPAA documentation or your institution's Chief HIPAA Security Officer.
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]