Is wazuh compliant with HIPAA

[dejv...@gmail.com]

Hello Wazuh team,

Is wazuh compliant  with HIPAA? if so how can I test it. Please provide some information on HIPAA compliance.

Thanks & Regards,

Dej

[Alberto Gonzalez]

Hi Dej,

Wazuh provides a set of capabilities that are helping with most of the regulations out there, such as PCI DSS, GDPR, HIPAA, SOC 1 and 2, NIST, FedRamp, etc... If you are just asking about the compliance rule mapping, at the moment we have it for PCI DSS, GDPR and GPG13, but will work on others regulations soon, including HIPAA, since they are part of our roadmap.

I hope this answers your question. Let me know if I can be of further help.

Alberto Gonzalez

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To post to this group, send email to wa...@googlegroups.com.
Visit this group at https://groups.google.com/group/wazuh.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/6eee0663-33a1-4de1-ba13-803f42bbcb41%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[dejv...@gmail.com]

Thank you Alberto Gonzalez for providing the information.

If I want to test with current existing HIPAA capabilities, do you have any documentation or link that I can go through to know what HIPAA capabilities wazuh is compliant with?  

In your roadmap when do you think complete HIPAA compliant requirements will be  supported (any timeframe)?

Thanks & Regards

Dej

On Wednesday, October 10, 2018 at 12:25:54 AM UTC-7, Alberto Gonzalez wrote:

Hi Dej,

Wazuh provides a set of capabilities that are helping with most of the regulations out there, such as PCI DSS, GDPR, HIPAA, SOC 1 and 2, NIST, FedRamp, etc... If you are just asking about the compliance rule mapping, at the moment we have it for PCI DSS, GDPR and GPG13, but will work on others regulations soon, including HIPAA, since they are part of our roadmap.

I hope this answers your question. Let me know if I can be of further help.

Alberto Gonzalez

On Tue, Oct 9, 2018 at 11:44 AM <dejv...@gmail.com> wrote:

Hello Wazuh team,

Is wazuh compliant  with HIPAA? if so how can I test it. Please provide some information on HIPAA compliance.

Thanks & Regards,

Dej

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.

To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+unsubscribe@googlegroups.com.

[Alberto Gonzalez]

Dej,

Sorry for the late response. We do not have any documentation or link related to HIPAA by now. However, the team has started working on it and hopefully we will have it implemented by the first quarter of this year. It will be released with the needed documentation. Thanks for your patience.

Best regards,

Alberto

[Joe Kingston]

Do you have an 800-53 security control mapping that show how Wazuh is meeting the NIST controls?

[Alberto Gonzalez]

Hi Joe,

Sorry for the late response. The mapping will be added to our roadmap. ETA is still to be determined.

Best regards,

Alberto 

[Joe Kingston]

Thank You! This will be very helpful.