• Home
  • Blog
  • Contact

Call us toll free 0800 0000 900

support@hipaa.com
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceHIPAA Compliance
  • Home
  • Blog
  • Contact

Technical Safeguard Standards of the HIPAA Administrative Simplification Security Rule

June 1, 2009 HIPAA Law No Comments

There are five technical safeguard standards:  access control, audit controls, integrity, person or entity authentication, and transmission security. Each standard has implementation specifications, which can be required or addressable. Remember, addressable does not mean “optional.”  Rather, an addressable implementation specification means that a covered entity must use reasonable and appropriate measures to meet the standard. As we have noted in earlier postings on HIPAA.com, business associates of covered entities will be required to comply with the Security Rule safeguard standards, beginning February 17, 2010. This requirement is one of the HITECH Act provisions of the American Recovery and Reinvestment Act (ARRA), signed by President Obama on February 17, 2009.

Technical safeguard standards are “the technology and the policies and procedures for its use that protect electronic protected health information and control access to it.” [68 Federal Register 8376]  The Technology Safeguard Standards protect a covered entity’s electronic information assets, including electronic protected health information that is use, disclosed, transmitted, or stored in the covered entity’s electronic environment. The electronic environment includes all computer workstations, laptops, handheld devices, database servers, applications servers, data management systems, and infrastructure devices. Administrative and physical safeguards that we have discussed in earlier postings on HIPAA.com apply to actions that workforce members perform routinely on a daily basis. Technical safeguards apply to actions that are related to software performance.

Over the next two weeks, HIPAA.com will examine the ten implementation specifications for Technical Safeguard Standards. HIPAA.com also will discuss, in the examination of the 10th implementation specification-encryption-HHS’ “Guidance Specifying the Technologies and Methodologies that Render Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals,” issued April 17, 2009, as required under the HITECH Act. Stay tuned.

Tags: 20092010access controladdressableAdministrative SafeguardAmerican Recovery and Reinvestment Actapplication serverARRAaudit controlsbusiness associatecovered entitydata management systemdatabase serverelectronic protected health informationencryptionentity authenticationFebruary 17Federal RegisterguidanceHHSHIPAA Administrative SimplificationHITECH Actimplementation specificationlaptopperson authenticationphysical safeguardPresident ObamarequiredSecurity RuleTechnical safeguard standardstransmission securityworkforceworkstation
No Comments
Share
0

You also might be interested in

Integrity: What This HIPAA Security Rule Technical Safeguard Standard Means

Jun 11, 2009

This is the third Technical Safeguard Standard of the HIPAA[...]

Exploring HIPAA and HITECH Act Definitions: Part 16

Dec 28, 2009

From now through early December, HIPAA.com is providing a run[...]

ONC Issues Meaningful Use Guide for Privacy & Security Attestation Compliance

May 9, 2012

May 9, 2012.  The Office of the National Coordinator for[...]

Leave a Reply Cancel Reply

Categories

  • 5010
  • American Recovery and Reinvestment Act
  • Enforcement
  • GINA
  • Health Care Reform
  • Health IT and HITECH
  • HIPAA Law
  • Identifiers
  • Meaningful Use
  • Privacy
  • Red Flags Rules
  • Security
  • Transactions & Code Sets
  • Uncategorized

Recent Posts

  • Contracting with Vendors that are NOT HIPAA Business Associates: Best Practices
  • HIPAA Breach: Who You Gonna Call?
  • Can I Be Sued for a HIPAA Violation?
  • Business Associate Agreements – a First Look at Indemnification
  • Gmail, Google Apps for Business HIPAA Business Associate Agreements

Archives

Contact Us

We're currently offline. Send us an email and we'll get back to you, asap.

Send Message

© 2023 · hipaa.com

Prev Next