Difference between revisions of "Administrative Safeguards"
From Clinfowiki
| Line 1: | Line 1: | ||
| − | Administrative Safeguards | + | == First Definition == |
| + | |||
| + | === Administrative Safeguards === | ||
| + | |||
These are going to be policies and procedures put in place or actions that an organization will take to ensure that the protection of electronic protected health (PHI) information. They are put in place to ensure the following: | These are going to be policies and procedures put in place or actions that an organization will take to ensure that the protection of electronic protected health (PHI) information. They are put in place to ensure the following: | ||
| − | |||
| − | + | * Identify and analyze potential risk to PHI and that there are appropriate security measures to reduce the risk and vulnerabilities, | |
| − | + | * That the policies and procedure should allow access to PHI only to appropriate associates who have a need to know based on the roles the play in an organization, | |
| − | + | * Designate an individual or security officer whose sole responsibility is to develop, implement, and enforce the said policies and procedures, | |
| − | + | * Proper supervision of employees or associates authorized to handle e-PHI and that these individuals are appropriately trained, and established appropriate sanctions are in place to violators of these policies and procedure, | |
| + | |||
| + | * Finally, each organizations should have policies and procedures in place to perform periodic assessment on how well they it's establish policies and procedures meet the requirement for Administrative Safeguards. | ||
The administrative safeguards implemented, should be consistent with the Privacy Rule Standards related to use and disclosure of PHI. | The administrative safeguards implemented, should be consistent with the Privacy Rule Standards related to use and disclosure of PHI. | ||
| + | == Second Definition == | ||
| + | |||
| + | |||
| + | |||
| + | === Administrative Safeguards Standards === | ||
| + | |||
| + | <ref name="Security Standards"> US Department of Health and Human Services. (2007). Security standards: administrative safeguards (rev.). HIPAA Security Series, 2(2). http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/adminsafeguards.pdf </ref> | ||
| + | |||
| + | == Resources == | ||
| + | <references/> | ||
[[Category: Definition]] | [[Category: Definition]] | ||
Revision as of 01:17, 19 November 2015
Contents
First Definition
Administrative Safeguards
These are going to be policies and procedures put in place or actions that an organization will take to ensure that the protection of electronic protected health (PHI) information. They are put in place to ensure the following:
- Identify and analyze potential risk to PHI and that there are appropriate security measures to reduce the risk and vulnerabilities,
- That the policies and procedure should allow access to PHI only to appropriate associates who have a need to know based on the roles the play in an organization,
- Designate an individual or security officer whose sole responsibility is to develop, implement, and enforce the said policies and procedures,
- Proper supervision of employees or associates authorized to handle e-PHI and that these individuals are appropriately trained, and established appropriate sanctions are in place to violators of these policies and procedure,
- Finally, each organizations should have policies and procedures in place to perform periodic assessment on how well they it's establish policies and procedures meet the requirement for Administrative Safeguards.
The administrative safeguards implemented, should be consistent with the Privacy Rule Standards related to use and disclosure of PHI.
Second Definition
Administrative Safeguards Standards
Resources
- ↑ US Department of Health and Human Services. (2007). Security standards: administrative safeguards (rev.). HIPAA Security Series, 2(2). http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/adminsafeguards.pdf
