This section describes how the Commvault software addresses the following HIPAA rules:
"Unique user identification", Section 164.312(a)(2)(i))
All users who perform functions within the CommCell Console environment must have a CommCell Console user account (local user) or be a member of a domain (external user) that registers with the CommCell Console environment.
Role-based security is typically used for administrators who need permissions on multiple entities. To use role-based security, you must create a security association between users or user groups, a role, and entities:
User: The CommCell user or external user (for example, an Active Directory user) who is given access. The user account contains information about the user and each user name is unique.
User Group: User groups are a collection of users that make it easy to control a large number of users. Properties and security associations selected for the user group apply to all of the users in the group.
Permissions: Permissions allow users to perform tasks such as performing backup, restore, and administrative operations (for example, license administration) on entities.
Role: A collection of permissions that defines the level of access granted to a user or a user group.
Security associations can be added at the user level, user-group level, or directly on an entity.
For a comprehensive description of the Commvault user administration security, see User Administration and Security Overview.