This article addresses the administrative safeguard requirements and offers a quiz. The user is invited to answer some multiple-choice questions. Each question asks, “Which of the Following is an Administrative Safeguard for PHI?”
Which of the Following is an Administrative Safeguard for PHI? An Overview
HIPAA security standards consist of four general rules for covered entities and business associates to follow:
- Ensure the confidentiality, integrity, and availability of all electronic protected health information the covered entity or business associate creates, receives, maintains, or transmits.
- Protect against any reasonably anticipated threats or hazards to the security or integrity of such information.
- Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required.
- Ensure the covered entity or business associate’s workforce complies with the HIPAA Security Rule.
To ensure compliance with these rules, HIPAA requires that covered entities implement administrative safeguards, technical safeguards, and physical safeguards.
HIPAA Security Rule technical safeguards are defined as “the technology and the policy and procedures for its use that protect electronic protected health information and control access to it.”
HIPAA Security Rule physical safeguards consist of “physical measures, policies, and procedures to protect a covered entity’s electronic information systems and related buildings and equipment, from natural and environmental hazards, and unauthorized intrusion.”