Which of the Following is an Administrative Safeguard for PHI?

The HIPAA Security Rule requires covered entities and business associates to comply with security standards. Compliance with these standards consists of implementing administrative, technical and physical safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). The first of the three safeguards – administrative safeguards –  is concerned with policies, procedures and processes needed to protect ePHI from being impermissibly used or disclosed. 

PHI Administrative Safeguard

This article addresses the administrative safeguard requirements, and offers a quiz. The user is invited to answer some multiple choice questions. Each question asks, “Which of the Following is an Administrative Safeguard for PHI?”

Which of the Following is an Administrative Safeguard for PHI? An Overview

HIPAA security standards consist of four general rules for covered entities and business associates to follow:

  • Ensure the confidentiality, integrity, and availability of all electronic protected health information the covered entity or business associate creates, receives, maintains, or transmits.
  • Protect against any reasonably anticipated threats or hazards to the security or integrity of such information. 
  • Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required
  • Ensure the covered entity or business associate’s workforce complies with the HIPAA Security Rule.

Is your organization secure? Download the free cybersecurity eBook to get tips on how to protect your patient information.

To ensure compliance with these rules, HIPAA requires that covered entities implement administrative safeguards, technical safeguards, and physical safeguards.

HIPAA Security Rule technical safeguards are defined as “the technology and the policy and procedures for its use that protect electronic protected health information and control access to it.”

HIPAA Security Rule physical safeguards consist of “physical measures, policies, and procedures to protect a covered entity’s electronic information systems and related buildings and equipment, from natural and environmental hazards, and unauthorized intrusion.”

Make Sure You’re HIPAA Compliant

Do you have the proper HIPAA administrative safeguards to protect patient PHI?