Upcoming Webinars

Site Updates


The analysis of any legal or medical billing is dependent on numerous specific facts — including the factual situations present related to the patients, the practice, the professionals and the medical services and advice. Additionally, laws and regulations and insurance and payer policies are subject to change. The information that has been accurate previously can be particularly dependent on changes in time or circumstances. The information contained in this web site is intended as general information only. It is not intended to serve as medical, health, legal or financial advice or as a substitute for professional advice of a medical coding professional, healthcare consultant, physician or medical professional, legal counsel, accountant or financial advisor. If you have a question about a specific matter, you should contact a professional advisor directly. CPT copyright American Medical Association. All rights reserved. CPT is a registered trademark of the American Medical Association.

Log in

Log in

Technical Safeguards

Technical safeguards means the technology and the policy and procedures for its use that protect electronic protected health information and control access to it.

Access Control

    • Unique user identification
    • Emergency access procedure
    • Automatic logoff
    • Encryption and decryption

Audit Controls

    • Determine the Activities that Will Be Tracked or Audited
    • Select the Tools that Will Be Deployed for Auditing
    • Develop and Deploy the Information System Activity Review/Audit Policy
    • Implement the Audit/System Activity Review Process


    • Integrity Controls
    • Identify Any Possible Unauthorized Sources that May Be Able to Intercept and/or Modify the Information
    • Develop and Implement Transmission Security Policy and Procedures
    • Implement Integrity Controls
    • Encryption

Person or Entity Authentication

    • Mechanism to Authenticate EPHI
    • Identify All Users Who Have Been Authorized to Access EPHI
    • Identify Any Possible Unauthorized Sources that May Be Able to Intercept the Information
    • Implement a Mechanism to Authenticate EPHI
    • Establish a Monitoring Process to Assess How the Implemented Process Is Working

Transmission Security

    • Determine Authentication Applicability to Current Systems/Applications
    • Evaluate Authentication Options Available
    • Select and Implement Authentication Option

Related Policies and Procedures (Available for Yearly Members)

Access Controls

Audit Controls

Person or Entity Authentication

Transmission Security

About Us

Therapy Comply is a healthcare compliance firm that seeks to bring high quality web-based compliance guidance and one-on-one consulting services to small and medium size physical, occupational, and speech therapy practices.

Learn More 

Join Us

Join today as either a monthly or a yearly member and enjoy full access to the site and a significant discount to our live and recorded webinars.  Members also have access to compliance and billing support.

Join Today 

Find Us

Powered by Wild Apricot Membership Software