In this week’s “Know The Rules!”, I am diving a little deeper into the Administrative Safeguards of the Health Insurance Portability and Accountability Act (HIPAA) Security Standards: Administrative Safeguards, 45 CFR § 164.308. The HIPAA Administrative Safeguards comprises over half of the HIPAA Security Rule. It establishes a national set of minimum security standards for […]
Covered Entities (CEs) and Business Associates (BAs) are required to secure the electronic protected health information (ePHI) against internal and external security risks and vulnerabilities. That is why the next standard, HIPAA Security Awareness and Training, § 164.308(a)(5), is so important. Workforce education and training plus creating a culture of compliance valuing patients’ privacy are […]
Every day Covered Entities and Business Associates face unique challenges from cybersecurity, interoperability, and patient safety. Cyber attacks and breaches are becoming the norm in every business and healthcare is #2target AFTER financial institutions. All of these have in common, the need to: Keep Protected Health Information Secure at ALL Times!! What is Healthcare Cyber […]
Did you know? The Administrative Safeguards from the HIPAA Security Rule specifies implement a Security Awareness and Training for Business Associates (BA’s) program for ALL members of the workforce, including management and doctors too, as defined in 45 CFR §§ 164.308. However, it doesn’t say HOW to implement the security awareness and training program! Yes, […]