In summary, Part 164 Subpart C | HIPAA 164.312: Technical Safeguards requires the following:
- Implement technical policies and procedures for electronic information systems that maintain ePHI to allow access only to those persons or software programs that have appropriately granted access rights.
- Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.
- Implement policies and procedures to protect electronic protected health information from improper alteration or destruction.
- Implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed.
- Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.
Covered entities, business associates and other relevant parties are to have comprehensive HIPAA policies and procedures in place addressing the aforementioned areas. As an employee of [company name], you have the right to request such documentation from authorized personnel for gaining a greater understanding of HIPAA 164.312 and general best practices relating to the protection of electronically Protected Health Information (ePHI). Note: 164.312 places a heavy emphasis on information security topic, for which you’ll learn about throughout the HIPAA security awareness training material.
Download HIPAA Policies and Compliance Toolkits Today
hipaapoliciesandprocedures.com also offers industry leading HIPAA toolkits for both Covered Entities (CE) and Business Associates (BA) consisting of high-quality security policies and procedures, training material, readiness checklists and templates, essential legal forms, a HIPAA specific disaster recovery manual, and so much more. Learn about our industry leading HIPAA compliance toolkits today.