Preparing for an OCR audit or internal review requires point-in-time evidence of security controls.
# Fetch all PHI-tagged storage accounts and encryption status
$ cloud-audit-cli --scope global --data PHI --format pdf --sign
Evidence Includes:
- Encryption Keys (CMK)
- NSG Flow Logs
- IAM Access Logs
- BAA Registry