| Framework | HIPAA Security Rule |
|---|---|
| Control ID | §164.310(b) |
| Control Family | Physical Safeguards > Workstation Controls |
| Control Name | Workstation Use |
| Status | IMPLEMENTED |
| Assessment Date | 2026-04-19T02:25:35.202960+00:00 |
| Assessor | TITAN AI Scanner v2.0 (CONDUCTOR + BASTION + SCOUT + COMPLY + SAGE) |
| Environment Scope | Azure: Pay-As-You-Go (prod) (4f29d094-1079-44c9-acb0-4d73a7a2dd34) |
| Report ID | 6b244cfa5d37a190ca4970bfe28fcd708812a39ae2d11f39b51d3c65f5139385 |
Standard: Workstation use. Implement policies and procedures that specify the proper functions to be performed, the manner in which those functions are to be performed, and the physical attributes of the surroundings of a specific workstation or class of workstation that can access electronic protected health information.
Source: https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-164/subpart-C/section-164.310
Each implementation specification addressed separately per HIPAA §164.306(d) / NIST 800-53A assessment methodology.
Document acceptable workstation use and environmental controls.
Summarized with counts + exceptions + drill-down. Raw data available on request per retention policy.
Test of Design (does the control exist?) + Test of Operating Effectiveness (does it work consistently?). Sampling per AICPA AU-C 530.
n/a
Policy v1.3 in effect.
Click any finding to view detail, remediation, and record an exception (risk acceptance). Exceptions are retained in the report as part of the audit trail.
No findings for this control.
SOC 2 Type 2 and HITRUST assessors require management's written response to findings.
| Scanner | TITAN AI Scanner v2.0 (CONDUCTOR + BASTION + SCOUT + COMPLY + SAGE) |
|---|---|
| Scanner version | v2.0.1 |
| Collection timestamp | 2026-04-19T02:25:35.202960+00:00 |
| Retention | 2555 days (HIPAA 164.316(b)(2)) |
| Report hash (SHA-256) | 6b244cfa5d37a190ca4970bfe28fcd708812a39ae2d11f39b51d3c65f5139385 |
This same evidence is admissible for the following related controls. Scan once, satisfy multiple frameworks.
PE-5, AC-11, AC-19 — same evidence satisfiesA.11.2.8, A.11.2.9 — same evidence satisfies08.j, 08.k — same evidence satisfies