HIPAA Compliance

Introduction

This document summarizes the relevant and applicable aspects of the Uplevel system that pertain to complying with the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), specifically the HIPAA Security Rule, codified as 45 CFR 164.310-312. As the HIPAA Security Rule is fairly broad and general, the actual HIPAA Security Rule implementation guidelines are taken from the NIST resource guide for implementing the HIPAA Security Rule (NIST Special Publication 800-66).

Applicable HIPAA Requirements Categories

Most of the HIPAA requirements detailed in NIST 800 are directed at training, organization and personnel management, process documentation, and physical security, and are not relevant to equipment or services provided by Uplevel Systems. Several of the sections covering the storage and transmission of, and access to, Electronic Protected Health Information (EPHI) are, however, applicable:



Implementation Of Applicable Sections

The following sections summarize the functions and features of the Uplevel system that pertain to the different requirements categories listed above. Note that not all of the NIST 800 detailed requirements are implementable by physical hardware (e.g., the requirement to “Analyze workloads and operations to identify the access needs of all users” listed in NIST 800 Section 4.14 (corresponding to 45 CFR 164.312(a)(1)) can only be implemented by a staff member of the customer). Further, many of the functions and features of the Uplevel system are outside the remit of the HIPAA Security Rule. This section therefore covers only those portions of the Uplevel system that are pertinent to 45 CFR 164 as described by NIST 800.

Storage

  1. EPHI stored on the Uplevel NAS shares is fully encrypted at rest. If one or more shares on the NAS are deleted, the data contained therein is completely destroyed and cannot be recreated.
  2. The Uplevel gateway is configured to support Active Directory. The Active Directory server maintains a continuous audit log of all accesses (read, write, create, delete, modify) to all files within the NAS shares, traceable to the user.
  3. If an Uplevel gateway is decommissioned, deleting all of the NAS shares will irretrievably destroy all EPHI stored therein beyond recovery, satisfying the disposal requirements.
  4. As all storage media that could potentially hold EPHI are encrypted, physically removing the storage media does not allow the EPHI on them to be accessed.
  5. Uplevel gateways are locked to individual customers and cannot be reassigned without explicit arrangements. Unauthorized access to EPHI after physically removing the gateway is therefore prevented.

Backup

  1. Cloud backups have been enabled on the NAS shares provided by the Uplevel gateway. All EPHI held in these shares is therefore periodically backed up to an encrypted backup mirror over an encrypted tunnel. If EPHI is lost from the physical NAS shares, it can be recovered from the backups.
  2. The cloud backups are held off-site in AWS virtual datacenters, satisfying the offsite backup requirement. Further, the requirement to create a retrievable exact copy of EPHI before equipment movement is satisfied.
  3. In case of an emergency involving a catastrophic failure of the Uplevel gateway, or malicious alteration of EPHI, the EPHI is retrievable from these cloud backups. In addition, protection against malicious alteration is afforded by the local read-only snapshots taken on the Uplevel NAS shares.
  4. Cloud backups are held on individually assigned and secured servers and storage media that are dedicated per-customer. Prevention of EPHI release or sharing with unauthorized parties is therefore guaranteed by isolation.
  5. Cloud backups cannot be accessed outside of the physical gateway present at the physical customer site, further limiting the risk of unauthorized EPHI release.

User Access Control

  1. The Domain Controller within the Uplevel gateway, if active at the customer site, controls access to NAS shares (and by extension the EPHI within these shares). Users cannot access the EPHI without first logging in using their unique user credentials.
  2. User logins and logouts are logged within the audit logs. Accesses to EPHI are tracked based on the unique user credentials.
  3. Uplevel NAS shares can be restricted to specific groups of users (e.g., Employees, Accounting), and unauthorized user access to EPHI can be controlled thereby.
  4. The Uplevel Domain Controller implements automatic password-protected lock, minimum password complexity requirements, account lock after failed attempts, and mandatory password expiry after preset times. The automatic logoff and password management requirements are therefore satisfied.
  5. Passwords are stored within the Domain Controller using a secure one-way hash mechanism (not plaintext). The password encryption requirements are therefore satisfied.
  6. Users can be disabled or deleted from the Domain Controller, thereby temporarily or permanently preventing their access to EPHI if no longer required.

Activity Logging

  1. The Uplevel NAS in Domain Controller mode maintains detailed audit logs listing accesses to the system. As users cannot access EPHI on the NAS shares without logging in first, these audit logs are traceable to individual users.
  2. The Uplevel system also maintains detailed audit logs of system activity (e.g., equipment connection, disconnection, or modification) and device activity (e.g., workstation connection and disconnection).
  3. Audit records include the unique user ID and the date/time when the activity was performed.
  4. Attempts by unauthorized users to access the system (e.g., bad password attempts) are logged in the audit logs.
  5. User login and logout attempts are recorded in the audit logs.

Admin Access and Logging

  1. Administrative login and logout attempts are logged on the Uplevel portal.
  2. Administrative adds, deletes and changes to configurations are logged on the Uplevel portal.
  3. Administrative access to the Uplevel system holding EPHI can be secured using multi-factor authentication.
  4. Administrators can, in an emergency, provide the customer with backup copies of EPHI in case of loss (without requiring direct access to the EPHI), and can restore EPHI from the backups in case of catastrophic failures or emergencies.

EPHI File Access Logging

  1. The Uplevel NAS in Domain Controller mode maintains detailed audit logs listing accesses to or modification of EPHI contained within individual files.
  2. The EPHI audit records include the unique user ID, the specific activity performed (e.g., read, write, create, delete), and the date/time when the activity was performed.
  3. Attempts by unauthorized users to access EPHI (e.g., failed reads) are logged in the audit logs.
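As an added illustration (not Uplevel's own code or log format) of how the audit records described under Activity Logging and EPHI File Access Logging can be checked, the following script reads constructed audit lines in a hypothetical pipe-separated format, flags records that lack the user ID, activity, or date/time the page says each record must carry, and surfaces users with repeated denied EPHI accesses.

```python
# Added example (not Uplevel's code): validates constructed audit records for
# the fields EPHI audit logs must carry and flags repeated denied accesses.
from collections import Counter
from datetime import datetime

# Constructed sample log in a hypothetical pipe-separated format:
# timestamp|user id|activity|object|result
SAMPLE_LOG = """\
2024-03-01T09:14:02Z|jdoe|read|/shares/ehr/patient-001.pdf|ok
2024-03-01T09:14:10Z|jdoe|write|/shares/ehr/patient-001.pdf|ok
2024-03-01T09:15:31Z|guest|read|/shares/ehr/patient-002.pdf|denied
2024-03-01T09:15:33Z|guest|read|/shares/ehr/patient-003.pdf|denied
2024-03-01T09:15:35Z|guest|read|/shares/ehr/patient-004.pdf|denied
2024-03-01T09:16:00Z||delete|/shares/ehr/patient-005.pdf|ok
not-a-time|asmith|modify|/shares/ehr/patient-006.pdf|ok
"""

# Activities the page lists for EPHI file access records.
KNOWN_ACTIVITIES = {"read", "write", "create", "delete", "modify"}


def parse_records(text):
    """Split the log into dicts; an unparseable timestamp becomes None."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, activity, obj, result = line.split("|")
        try:
            when = datetime.fromisoformat(ts.replace("Z", "+00:00"))
        except ValueError:
            when = None
        records.append({"ts": when, "user": user, "activity": activity,
                        "object": obj, "result": result})
    return records


def incomplete_records(records):
    """Records that cannot be traced to a user, an activity, or a time."""
    return [r for r in records
            if not r["user"] or r["activity"] not in KNOWN_ACTIVITIES
            or r["ts"] is None]


def denied_access_bursts(records, threshold=3):
    """Map user -> count for users with at least `threshold` denied accesses."""
    counts = Counter(r["user"] for r in records if r["result"] == "denied")
    return {user: n for user, n in counts.items() if n >= threshold}
```

Records returned by incomplete_records are the ones an auditor could not attribute to a user or a time, and denied_access_bursts gives the repeated unauthorized attempts worth alerting on.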

Encryption And Access Control

  1. All EPHI stored on the Uplevel NAS is encrypted at rest using strong AES encryption.
  2. All EPHI transferred from the Uplevel NAS to the cloud backup, or transferred to a remote user via VPN access, is encrypted during transmission using strong AES encryption.
  3. Both the connections to the cloud backup and the VPN access are defended against unauthorized or malicious modification of EPHI in transit using a Message Integrity Check (MIC).
  4. Transmission of EPHI over the Uplevel Wi-Fi devices is protected by mandatory strong AES encryption and MIC checks; passwordless access to EPHI via the Wi-Fi is not permitted.
  5. Unauthorized access to EPHI by physically connecting to unused Ethernet ports can be limited or prevented by disabling the ports from the Uplevel portal. Attempts to defeat this limitation by disconnecting an existing device (whether Uplevel switch/AP, or third-party device, or workstation) and connecting to the port can be detected and alerted by settings on the Uplevel portal.

IDS/IPS

  1. If the Uplevel gateway has IDS/IPS enabled, the IDS/IPS will intercept and inspect all packets transiting the system from the WAN against a set of rules to detect and mitigate malicious attempts to access EPHI held on the Uplevel NAS.
  2. Attacks or attempts detected by the IDS are recorded for audits, and can be transmitted to logging systems via e-mail for recording and analysis.
  3. IDS/IPS is active on all networks that have access to EPHI stored on the Uplevel NAS shares.
