Facility Security Plan Policies, v1.0

Specifies that a health care related organization must have policies to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft.

Assessment Step

1
Policies to Safeguard Facility (PoliciestoSafeguardFacility)
Does the covered entity or business associate have policies to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
A covered entity or business associate must perform these requirements in accordance with Section 164.306 (Security standards: General rules).

Conformance Criteria (1)

Policies to Safeguard Facility
The covered entity or business associate must have policies to safeguard the facility and the equipment therein from unauthorized physical access, tampering, and theft.
Citations
HIPAA-Security-Rule
45 CFR Section 164.310(a)(2)(ii)
HIPAA-Security-Rule
45 CFR Section 164.306