HIPAA → SOC 2 crosswalk
A control-by-control mapping between HIPAA Security Rule (45 CFR Part 164, Subpart C) and SOC 2 (AICPA Trust Services Criteria). 3 mappings.
| HIPAA | SOC 2 | Relationship | Notes |
|---|---|---|---|
| §164.312(a)(1) Access control | CC6.1 Logical access security controls | EquivalentCurated | Contrôle d'accès et identité |
| §164.312(b) Audit controls | CC7.2 Security event monitoring | EquivalentCurated | Journalisation, surveillance et détection |
| §164.312(e)(1) Transmission security | CC6.7 Restricting data transmission | PartialCurated | Cryptographie et protection des données |
Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.