how do i implement sql server under hippa compliance using azure policies/initiative ?

%3CLINGO-SUB%20id%3D%22lingo-sub-2059458%22%20slang%3D%22en-US%22%3Ehow%20do%20i%20implement%20sql%20server%20under%20hippa%20compliance%20using%20azure%20policies%2Finitiative%20%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2059458%22%20slang%3D%22en-US%22%3E%3CP%3Ei%20assign%20hippa%2Fhittrust%20for%20perticular%20rg%20in%20my%26nbsp%3B%20subscription%20and%20created%20sql%20server%20under%20that%20after%20creating%20sql%20server%20on%20that%20is%20shows%20following%20output.%3C%2FP%3E%3CP%3Eand%20also%20where%20i%20ensure%20what%20ever%20resource%20i%20deploy%20that%20is%20hippa%20compliant%3F%3C%2FP%3E%3CP%3Eis%20there%20any%20audit%20to%20fulfill%20this%20scenario%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2059458%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20Cost%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20Policy%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20Resource%20Manager%20Deployments%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2060911%22%20slang%3D%22en-US%22%3ERe%3A%20how%20do%20i%20implement%20sql%20server%20under%20hippa%20compliance%20using%20azure%20policies%2Finitiative%20%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2060911%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F928566%22%20target%3D%22_blank%22%3E%40cdtsushant%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHi%20you%20need%20to%20verify%20the%20enforcement%20mode%20and%20the%20policy%20effects%3C%2FP%3E%3CP%3Edo%20you%20want%20to%20deploy%20after%20creation%20%3F%20deny%20the%20creation%20if%20correct%20parameters%20are%20not%20applied%20%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fgovernance%2Fpolicy%2Fconcepts%2Fassignment-structure%23enforcement-mode%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fgovernance%2Fpolicy%2Fconcepts%2Fassignment-structure%23enforcement-mode%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CDIV%20class%3D%22table-scroll-wrapper%22%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fgovernance%2Fpolicy%2Fconcepts%2Feffects%23disabled%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fgovernance%2Fpolicy%2Fconcepts%2Feffects%23disabled%3C%2FA%3E%3C%2FDIV%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20for%20example%20you%20want%20to%20deploy%20if%20not%20exists%26nbsp%3B%20you%20should%20create%20a%20remediation%20task%20to%20be%20compliant%20.%3C%2FP%3E%3CP%3EAnother%20way%20is%20Infrastructure%20as%20code%20%3A%20design%20your%20template%20in%20a%20such%20a%20way%20that%20you%20are%20building%20compliant%20resources%20by%20design%20.%3C%2FP%3E%3CP%3EAzure%20blueprint%20also%20can%20help%20you%20to%20achieve%20this%20goal%20for%20future%20resources%20.%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fgovernance%2Fblueprints%2Fsamples%2Fhipaa-hitrust-9-2%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fgovernance%2Fblueprints%2Fsamples%2Fhipaa-hitrust-9-2%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CDIV%20class%3D%22table-scroll-wrapper%22%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%20class%3D%22table-scroll-wrapper%22%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

i assign hippa/hittrust for perticular rg in my  subscription and created sql server under that after creating sql server on that is shows following output.

and also where i ensure what ever resource i deploy that is hippa compliant?

is there any audit to fulfill this scenario?

 

1 Reply

@cdtsushant 

 

Hi you need to verify the enforcement mode and the policy effects

do you want to deploy after creation ? deny the creation if correct parameters are not applied ?

 

https://docs.microsoft.com/en-us/azure/governance/policy/concepts/assignment-structure#enforcement-m...

 

 

If for example you want to deploy if not exists  you should create a remediation task to be compliant .

Another way is Infrastructure as code : design your template in a such a way that you are building compliant resources by design .

Azure blueprint also can help you to achieve this goal for future resources .

https://docs.microsoft.com/en-us/azure/governance/blueprints/samples/hipaa-hitrust-9-2