Young hacker smiling

We hack your software

zero false positives

Expert intelligence + specialized technology

REQ.199 Authorize foreign devices access

This document contains the details of the security requirements related to the definition and management of foreign devices in the organization. This requirement establishes the importance of defining the accepted circumstances to use foreign devices in the facilities.

Requirement

The organization must determine services, time and personnel allowed to access to inner resources using foreign devices

References

  1. HIPAA Security Rules 164.310(d)(1): Device and Media Controls: Implement policies and procedures that govern the receipt and removal of hardware and electronic media that contain electronic protected health information into and out of a facility, and the movement of these items within the facility.

  2. NIST 800-53 IA-3 Device identification and authentication: The information system uniquely identifies and authenticates organization-defined devices before establishing a local or remote network connection.


Service status - Terms of Use