Workstation Security Policies, v1.0

Specifies that a health care related organization must have policies for physical safeguards for all workstations that access electronic protected health information, to restrict access to authorized users.

Assessment Step

1
Physical Safeguard Policies (PhysicalSafeguardPolicies)
Does the covered entity or business associate have policies for physical safeguards for all workstations that access electronic protected health information, to restrict access to authorized users?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
A covered entity or business associate must perform these requirements in accordance with Section 164.306 (Security standards: General rules).

Conformance Criteria (1)

Physical Safeguard Policies
The covered entity or business associate must have policies for physical safeguards for all workstations that access electronic protected health information, to restrict access to authorized users.
Citations
HIPAA-Security-Rule
45 CFR Section 164.310(c)
HIPAA-Security-Rule
45 CFR Section 164.306