The HIPAA Security Rule established national standards to protect individuals’ electronic Protected Health information (ePHI). The General rule is to ensure the Confidentiality, Integrity and Availability (CIA) of all ePHI created, received, maintained, or transmitted.
Did you know that as a Covered Entity or Business Associate you must comply with each standard?
Security Standards for Administrative Safeguards:
- Security Management Process
- Assigned Security Responsibility
- Workforce Security
- Information Access Management
- Security Awareness and Training
- Security Incident Procedures
- Contingency Plan
- Business Associate Contracts and Other Arrangements
Security Standards for Technical Safeguards:
- Access Control
- Audit Controls
- Person or Entity Authentication
- Transmission Security
Security Standards for Physical Safeguards:
- Facility Access Controls
- Workstation Use
- Workstation Security
- Device and Media Controls
HIPAA compliance isn’t a one-time checklist. It’s ongoing, programmatic in nature, and requires demonstrated reasonable diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). ANATOMY_IT. can provide you peace of mind with our expert HIPAA compliance services. To learn more, contact us here.