Assigned Security Responsibility, v1.0

Specifies that a health care related organization must identify the security official who is responsible for the development and implementation of the policies and procedures required by the Security Rule.
Provide the name, contact info and today's date for the assigned security official.

Assessment Step

1
Security Official (SecurityOfficial)
Does the covered entity or business associate identify the security official who is responsible for the development and implementation of the policies and procedures required by this subpart (Section 164.300-399) for the organization?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
A covered entity or business associate must perform these requirements in accordance with Section 164.306 (Security standards: General rules).

Conformance Criteria (1)

Check Security Official
The covered entity or business associate must identify the security official who is responsible for the development and implementation of the policies and procedures required by this subpart (Section 164.300-399) for the organization.
Citations
HIPAA-Security-Rule
45 CFR Section 164.308(a)(2)
HIPAA-Security-Rule
45 CFR Section 164.306