Edit

Share via

Azure Policy built-in definitions for Azure Health Data Services

  • Article

This article provides an index of built-in Azure Policy definitions for Azure Health Data Services. For more information, see Azure Policy built-in policies.

The name of each built-in policy definition links to the policy definition in the Azure portal. Use the link in the GitHub version column to view the source on the Azure Policy GitHub repo.

Azure Portal Name Description Effects GitHub version
Azure Health Data Services workspace should use Private Link The Azure Health Data Services workspace needs at least one approved private endpoint connection. Clients in a virtual network can securely access resources that have private endpoint connections through private links. For more information, see: Configure Private Link for Azure Health Data Services. Audit, Disabled 1.0.0
CORS shouldn't allow every domain to access the FHIR® service Cross-origin resource sharing (CORS) shouldn't allow all domains to access the FHIR service. To protect the FHIR service, remove access for all domains and explicitly define the domains allowed to connect. audit, Audit, disabled, Disabled 1.1.0
DICOM® service should use a customer-managed key to encrypt data at rest Use a customer-managed key to control the encryption at rest for the data stored in the DICOM service in Azure Health Data Services when to comply with a regulatory or compliance requirement. Customer-managed keys also deliver double encryption by adding a second layer of encryption on top of the default one done with service-managed keys. Audit, Disabled 1.0.0
FHIR Service should use a customer-managed key to encrypt data at rest Use a customer-managed key to control the encryption at rest of the data stored in the FHIR service in Azure Health Data Services FHIR Service to comply with a regulatory or compliance requirement. Customer-managed keys also deliver double encryption by adding a second layer of encryption on top of the default one done with service-managed keys. Audit, Disabled 1.0.0

Related content

Azure Policy GitHub repo

Azure Policy definition structure

Understanding policy effects

Note

FHIR® is a registered trademark of HL7 and is used with the permission of HL7.

DICOM® is the registered trademark of the National Electrical Manufacturers Association for its Standards publications relating to digital communications of medical information.