This includes having integrity controls & encryption. Transmission Security: A covered entity must implement technical measures to guard against unauthorized access to ePHI that is being transmitted over an electronic communications network (164.312 (e)). Person or Entity Authentication: A covered entity must implement procedures to verify a person or entity accessing ePHI is the one claimed. This includes having a mechanism to authenticate ePHI.Ĥ. Integrity: A covered entity must implement policies & procedures to protect ePHI from improper alteration or destruction. Congress didn't enact privacy and security standards. It also stated that the Secretary of HHS had the responsibility of issuing regulations if the U.S. Audit Controls: A covered entity must implement software that records and examines activity in information systems that contain or use ePHI. At that time, HIPAA stated that the Secretary of Health and Human Services had to publicize official standards for the electronic exchange, privacy, and security of health-related information. (164.312 (a)) The Access Controls specifications include:Ģ. Access Controls: A covered entity must implement technical policies and procedures limiting access to systems containing electronically protected health information (ePHI) only to personnel with sufficient access rights. ( Click here to review the actual HIPAA Security Rule)ġ. There are five (5) specific HIPAA requirements as related to email.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |