User Administration and Security for HIPAA
This section describes how the Commvault software addresses the following HIPAA rules:
- "Unique user identification", Section 164.312(a)(2)(i))
All users who perform functions within the CommCell Console environment must have a CommCell Console user account (local user) or be a member of a domain (external user) that registers with the CommCell Console environment.
Role-based security is typically used for administrators who need permissions on multiple entities. To use role-based security, you must create a security association between users or user groups, a role, and entities:
- User: The CommCell user or external user (for example, an Active Directory user) who is given access. The user account contains information about the user and each user name is unique.
- User Group: User groups are a collection of users that make it easy to control a large number of users. Properties and security associations selected for the user group apply to all of the users in the group.
- Permissions: Permissions allow users to perform tasks such as performing backup, restore, and administrative operations (for example, license administration) on entities.
- Role: A collection of permissions that defines the level of access granted to a user or a user group.
Security associations can be added at the user level, user-group level, or directly on an entity.
For a comprehensive description of the Commvault user administration security, see User Administration and Security Overview.
Last modified: 9/10/2018 3:20:45 PM