Bug 1832754

Summary: (RFE) Add HIPAA profile into RHEL8 compliance content
Product: Red Hat Enterprise Linux 8 Reporter: Marek Haicman <mhaicman>
Component: scap-security-guideAssignee: Watson Yuuma Sato <wsato>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: high Docs Contact:
Priority: high    
Version: 8.1CC: ggasparb, mhaicman, vpolasek, wsato
Target Milestone: rcKeywords: FutureFeature, Triaged
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-05-13 15:16:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Marek Haicman 2020-05-07 08:57:02 UTC 
Description of problem:
Healthcare organizations in the NA are often required to conform to the HIPAA (Health Insurance Portability and Accountability Act). By providing the profile as part of SCAP Security Guide, we can provide simplified path to achieve that.



Version-Release number of selected component (if applicable):
scap-security-guide-0.1.48-7.el8

How reproducible:
reliably

Steps to Reproduce:
1. profile exists: oscap info --profiles /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
2. system is installed to the "all green" state
3. 

Actual results:
profile does not exist

Expected results:
profile exists and hardens system to the "all green" state

Additional info:
https://www.hhs.gov/sites/default/files/nist-csf-to-hipaa-security-rule-crosswalk-02-22-2016-final.pdf
Will be similar to the RHEL7 HIPAA profile Bug 1513087
Comment 2 Marek Haicman 2020-05-13 15:16:52 UTC 

*** This bug has been marked as a duplicate of bug 1832760 ***