Upcoming Webinars 

Disclaimer

The analysis of any legal or medical billing is dependent on numerous specific facts — including the factual situations present related to the patients, the practice, the professionals and the medical services and advice. Additionally, laws and regulations and insurance and payer policies are subject to change. The information that has been accurate previously can be particularly dependent on changes in time or circumstances. The information contained in this web site is intended as general information only. It is not intended to serve as medical, health, legal or financial advice or as a substitute for professional advice of a medical coding professional, healthcare consultant, physician or medical professional, legal counsel, accountant or financial advisor. If you have a question about a specific matter, you should contact a professional advisor directly. CPT copyright American Medical Association. All rights reserved. CPT is a registered trademark of the American Medical Association.

Menu
Log in


Log in

HIPAA Security Rule

The Security Rule specifically focuses on protecting the confidentiality, integrity, and availability of EPHI, as defined in the Security Rule. The EPHI that a covered entity creates, receives, maintains, or transmits must be protected against reasonably anticipated threats, hazards, and impermissible uses and/or disclosures.

Important Definitions

Who does the Security Rule apply to?

What is the difference between “Required” and “Addressable” specifications?

Administrative Safeguards

  • Security Management Process
  • Assigned Security Responsibility
  • Workforce Security
  • Information Access Management
  • Security Awareness and Training
  • Security Incident Procedures
  • Contingency Plan
  • Evaluation

Physical Safeguards

  • Facility Access Controls
  • Workstation Use
  • Workstation Security
  • Device and Media Controls

Technical Safeguards

  • Access Control
  • Audit Controls
  • Integrity
  • Person or Entity Authentication
  • Transmission Security

Organizational Requirements

  • Business Associate Contracts or other Arrangements

Policies and Procedures and Documentation Requirements

    • Policies and Procedures
    • Documentation

Sample Policies and Procedures

Powered by Wild Apricot Membership Software