Workstation Use In this week’s “Know The Rules!,” I am diving into the second standard of Physical Safeguards of the Health Insurance Portability and Accountability Act (HIPAA) Security Standards: Workstation Use, 45 CFR § 164.310(b). Physical security is an important component of the HIPAA Security Rule that is often overlooked. What constitutes appropriate physical security …
What is Information Access Management? The fourth standard in the Administrative Safeguards section is Information Access Management. Covered Entities (CEs) and their Business Associates (BAs) are required to: “Implement policies and procedures for authorizing access to electronic protected health information that are consistent with the applicable requirements of subpart E of this part [the Privacy …
Breaking Down the HIPAA Security Rule Physical Safeguards Today I am breaking down the Physical Safeguards of the HIPAA Security Rule, 45 CFR § 164.310, into byte-size portions to help you understand how they are significant to your organization. The Physical Safeguards are physical measures, policies, and procedures to protect a regulated entity’s electronic information systems and …
Breaking Down the HIPAA Security Rule Physical Safeguards Read More »
HIPAA Security Rule Technical Safeguards Today I am breaking down the Technical Safeguards of the HIPAA Security Rule, 45 CFR § 164.312, into byte-size portions to help you understand how they are significant to your organization. The HIPAA Security Rule establishes security standards for protecting all electronic protected health information (ePHI). The Technical Safeguards require regulated entities and their …
Breaking Down the HIPAA Security Rule Technical Safeguards Read More »
Understanding the HIPAA Policies and Procedures Today, I am diving a little deeper into the HIPAA Security Rules Administrative Safeguards, 45 CFR § 164.316 to break down the Policies and Procedures into byte-size portions to help you understand how they are significant to your organization. The standard requires regulated entities, Covered Entities (CEs) and their third-party vendors, to implement …
In this week’s “Know The Rules!,” I am diving a little deeper into the Organizational Requirements, part of the Administrative, Physical, and Technical Safeguards of the Health Insurance Portability and Accountability Act (HIPAA) security standards, 45 CFR § 164.314. As with all the standards in the HIPAA Security Rule, compliance with the Organizational Requirements standards …
10 Requirements to Include in Your Business Associate Agreement The HIPAA Privacy, Security, and Breach Notification Rule require Covered Entities and their third-party vendors, referred to by the Department of Health and Human Services as Business Associates (BAs), are required to obtain a signed Business Associate Agreement (BAA) from each vendor, and their subcontractors, to ensure appropriate safeguards are implemented to …
10 Requirements to Include in Your Business Associate Agreement Read More »
Contingency Planning, Yes You Need It!! The purpose of contingency planning is to establish strategies for recovering access to electronic protected health information (ePHI). In the event an organization experiences an emergency or other incident, such as power outages and/or disruption of critical business operations, any lost or damaged ePHI must be recovered and/or restored. …
Documentation That’s What It’s All About Today I am breaking down the Documentation standard, 45 §164.316(b)(1), from the HIPAA Security Management Process into byte-size portions to help you understand how they are significant to your organization. Before I can break down today’s topic, I first should set the document stage. When it comes to auditors, lawyers and the …
HIPAA Security Rule Administrative Safeguards Today I am breaking down the Administrative Safeguards of the HIPAA Security Rule, 45 CFR § 164.308, into byte-size portions to help you understand how they are significant to your organization. The HIPAA Security Rule establishes security standards for protecting all electronic protected health information (ePHI). The Administrative Safeguards comprise over half of the …
Breaking Down the HIPAA Administrative Safeguards Read More »