HIPAA 164.312(a)(2)(iii) - Automatic Logoff (A): Terminate an electronic session after a predetermined time of inactivity 'MaxIdleTime'.

Information

NOTE : HIPAA does not specify a hard limit for this value. Currently set to '900000'.
http://csrc.nist.gov/publications/nistpubs/800-66-Rev1/SP-800-66-Revision1.pdf pg. D-11

See Also

http://csrc.nist.gov/publications/nistpubs/800-66-Rev1/SP-800-66-Revision1.pdf

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-12, CSCv6|16.4, CSCv6|16.5

Plugin: Windows

Control ID: 4d96944a04d00d03aa943417c2e28d846915260a47ce7ec0765756a537ca456a