Continuing our HIPAA series, we are back with HIPAA compliance: Administrative safeguards. While HIPAA Technical Safeguards deals primarily protecting electronic protected health information, administrative safeguards sets the foundations to implement HIPAA policies.
Administrative safeguards covers half of the HIPAA security requirements and includes but not limited to risk management and assessment, security responsibility, employees training, access control and management, contingency plan to address breaches or emergencies, and business associates management. Let’s delve deeper into these safeguards with an infographic:Embed This Image On Your Site (copy code below):
Administrative safeguards compliance require an evaluation of your current security controls and practices, a thorough risk assessment and document processes internally and of business associates which may have access to PHI. Although many items under administrative safeguards still fall under addressable category, but having those items in place in combination with technical and physical safeguards can make it easier to prevent and address any data breaches.