{"frameworkId":"hipaa","label":"HIPAA","version":"Security Rule","css":"fw-hipaa","totalControls":59,"registryKey":"hipaa","csvColumn":"Hipaa","displayOrder":8,"scoring":{"method":"criteria-coverage","criteria":{"\u00a7164.308":{"label":"Administrative Safeguards","description":"Security management, access management, training, and contingency planning"},"\u00a7164.310":{"label":"Physical Safeguards","description":"Facility access controls, workstation use, and device/media controls"},"\u00a7164.312":{"label":"Technical Safeguards","description":"Access control, audit controls, integrity, transmission security"},"\u00a7164.314":{"label":"Organizational Requirements","description":"Business associate contracts and group health plan requirements"},"\u00a7164.316":{"label":"Policies and Procedures","description":"Documentation requirements and record retention"}}},"colors":{"light":{"background":"#fdf2f8","color":"#9d174d"},"dark":{"background":"#831843","color":"#F9A8D4"}}}
|