HIPAA
Definition
The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. law designed to provide privacy standards to protect patients’ medical records and other health information provided to health plans, doctors, hospitals, and other healthcare providers. It mandates secure handling of Protected Health Information (PHI) to ensure confidentiality, integrity, and availability. HIPAA compliance is crucial for any organization dealing with PHI, requiring administrative, physical, and technical safeguards.
Secure Settings Example
# Example Kubernetes Pod Security Context for HIPAA compliance
apiVersion: v1
kind: Pod
metadata:
name: secure-hipaa-pod
spec:
securityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
seccompProfile:
type: RuntimeDefault
containers:
- name: secure-container
image: secure-app:latest
resources:
requests:
memory: "256Mi"
cpu: "500m"
limits:
memory: "512Mi"
cpu: "1"
ports:
- containerPort: 80
Insecure Settings Example
# Example of insecure Kubernetes Pod Security Context
apiVersion: v1
kind: Pod
metadata:
name: insecure-hipaa-pod
spec:
securityContext:
runAsNonRoot: false
readOnlyRootFilesystem: false
containers:
- name: insecure-container
image: insecure-app:latest
ports:
- containerPort: 80