HIPAA Tip: Physical Safeguards

Physical safeguards are measures, policies, and procedures intended to protect a Covered Entity or Business Associate’s building, equipment, and information systems from unauthorized intrusion as well as natural and environmental hazards. Compliance with these HIPAA safeguards not only involves securing buildings and controlling access to buildings, but also validating the identity of anyone with access to equipment and information systems containing electronic Protected Health Information (ePHI).

Some categories of physical safeguards include:

Facility Access: facility security plan, contingency operations, access controls, validation procedures, and maintenance records.

Device and Media Controls: data backup and storage, accountability of physical hardware and electronic media, and device re-use procedures.

Workstation Security: maintaining workstation security while in use and when unattended, and securing any devices that may be in a public or vulnerable area.

Protecting your hardware, office and environment is the simplest and easiest way to prevent unwanted intrusions, or worse, a breach.

HIPAA compliance isn’t a one-time checklist. It’s ongoing, programmatic in nature, and requires demonstrated reasonable diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Anatomy IT can provide you peace of mind with our expert HIPAA compliance services. To learn more, contact us here.
