Security Awareness and Training - Password Management, v1.0
Specifies that a health care related organization must implement procedures for creating, changing, and safeguarding passwords.
Assessment Step
1
Password Management (PasswordManagement)
Does the covered entity or business associate have procedures for creating, changing, and safeguarding passwords?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
|
A covered entity or business associate must perform these requirements in accordance with Section 164.306 (Security standards: General rules).
Conformance Criteria (1)
Password Management
The covered entity or business associate must implement procedures for creating, changing, and safeguarding passwords.
Citations
HIPAA-Security-Rule
45 CFR Section 164.308(a)(5)(ii)(D)
HIPAA-Security-Rule
45 CFR Section 164.306
|