- Physical security
- Technical security
Administrative SafeguardsWithin the HIPAA security rule, administrative policies ensure that patient data is correct and accessible to authorized personnel. The Administrative safeguards to consider are the following:
- Security management process – analyzing risk to Protected Health Information (PHI)
- Security Personnel – develop and carry out the security and procedures.
- Information Access Management
- Workforce Training and Management – training and supervision of professionals with access to PHI.
- Evaluation – Periodic Risk Assessments must be done to assess whether security requirements are met.