CIS Controls v8 → HIPAA crosswalk
A control-by-control mapping between CIS Critical Security Controls v8 and HIPAA Security Rule (45 CFR Part 164, Subpart C). 3 mappings.
| CIS Controls v8 | HIPAA | Relationship | Notes |
|---|---|---|---|
| 3.11 Encrypt sensitive data at rest | §164.312(e)(1) Transmission security | EquivalentCurated | Cryptographie et protection des données |
| 6.1 Establish an access granting process | §164.312(a)(1) Access control | EquivalentCurated | Contrôle d'accès et identité |
| 8.1 Establish and maintain an audit log management process | §164.312(b) Audit controls | EquivalentCurated | Journalisation, surveillance et détection |
Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.