Skip to main content
Role AvailabilityRead-OnlyInvestigatorAnalystManager
The HIPAA Control §164.312(c)(1) Integrity - Windows - File System Events report generated from this template detects whether your practice has data authentication mechanisms and tools, such as checksum; and if your practice relies on encryption validation to authenticate ePHI.
Checksum is a computation that is introduced when an ePHI is transmitted or stored. The computation is checked again at a later time (such as when the ePHI is recalled or received at the intended destination) to ascertain whether the computations match. If the checksum matches, then it is less likely that the ePHI has been altered or modified.
In general, this report may be used for the following activities:
  • Identification of all users who are authorized to access ePHI
  • Identification of possible unauthorized sources that may intercept and modify ePHI
  • Development of integrity policy and requirements
  • Implementation of procedures to address requirements
  • Implementation of mechanisms to authenticate ePHI
  • Establishiment of a monitoring process to assess how the operational process works
Filters used by HIPAA Control §164.312(c)(1) Integrity - Windows - File System Events
FieldValues
Reporting Device Rule ID”560”, “562”, “564”, “565”, “566”, “567”, “4656”, “4660”, “4661”, “4663”, “4664”, “4670”, “4690”, “4691”, “4985”
Data Source”Windows NxLog”, “AlienVault Agent - Windows EventLog”, “AWS Directory Service”, “ManageEngine ADAudit Plus”, “Azure Windows Events”, “AWSWindows XML”, “AWSWindows”, “Windows PowerShell NxLog”, “Windows SQL NxLog”, “Netwrix Auditor NxLog”, “Windows Winlogbeat”
SuppressedFalse
To generate the HIPAA Control §164.312(c)(1) Integrity - Windows - File System Events report
  1. Go to Reports > Compliance Templates.
  2. On the left navigation pane, click HIPAA.
  3. Click Generate Report on the specific line for this report. The Configure Report dialog box appears.
  4. Click Edit Filters if you want to modify the selected filters, and then click Continue to Filters.
  5. Make the required modifications, and then click Edit Report.
  6. Click the date field if you want to choose a different date range. Choose Last Hour, Last 24 Hours, Last 7 Days, Last 30 Days, Last 90 Days, or Custom Range to set a particular date range.
  7. Select the Format of the report. It can either be CSV or PDF.
  8. Select a Schedule for the report if you want to generate it again: Never, Daily, Weekly, Bi-weekly, and Monthly.
  9. Enter an email address in which to send the report. You may also select the Send to my Email Address option to add your email automatically.
  10. Select the Enable link expiration option.
    This link is delivered by email and expires in 14 days.
  11. Click Next.
  12. In the Report Name field, enter a name for the report. This name will be displayed on the Saved Reports page.
  13. (OPTIONAL) Enter a Report Description.
  14. Under the Number of Records section, select the maximum number of records to include in the report: 20, 50, 100, 500, 1000, or 2500.
  15. If you have previously chosen the PDF format, you will see the Graphs section, which you can use to include additional views. You can add to or remove graphs from the report by clicking the and icons.
  16. Click Run to run the report.
    You can also click Save & Run if you wish to keep the report in your Saved Reports on USM Anywhere page and receive the report in the indicated email.