HIPAA Technical Safeguards Profile, v1.0

Profile of the requirements in the HIPAA Technical Safeguards section (164.312) by collecting all the relevant TIPs and TDs.
Publication Date 2017-02-17
Issuing Organization
No Responder help@trustmarkinitiative.org 404-407-8956 75 5th Street NW, Suite 900, Atlanta, GA 30308
Keywords There are no keywords.
Legal Notice This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
Loading...

Trust Expression:

TD_AccessControlPoliciesandProceduresforePHI and TD_AccessControlUniqueUserIdentification and TD_AccessControlUniqueUserTracking and TD_AccessControlEmergencyAccessProcedure and TD_AccessControlAutomaticLogoff and TD_AccessControlEncryptionandDecryption and TD_AuditControlsonHardwareandSoftware and TD_AuditControlsProcedures and TD_IntegrityofePHIPolicies and TD_IntegrityofePHIProcedures and TD_PersonorEntityAuthentication and TIP_HIPAATransmissionSecurityProfile

References (12)

 TIP  HIPAA Transmission Security Profile, v1.0
Description Profile of HIPAA Transmission Security (per 45 CFR Section 164.312(e)) requirements to guard against unauthorized access to e-PHI.
ID TIP_HIPAATransmissionSecurityProfile
 TD  Access Control - Policies and Procedures for e-PHI, v1.0
Description Specifies that a health care related organization must implement technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights as specified in Section 164.308(a)(4).
ID TD_AccessControlPoliciesandProceduresforePHI
Provider Reference
 TD  Access Control - Unique User Identification, v1.0
Description Specifies that a health care related organization must assign a unique name and/or number for identifying user identity.
ID TD_AccessControlUniqueUserIdentification
Provider Reference
 TD  Access Control - Unique User Tracking, v1.0
Description Specifies that a health care related organization must assign a unique name and/or number for tracking user identity.
ID TD_AccessControlUniqueUserTracking
Provider Reference
 TD  Access Control - Emergency Access Procedure, v1.0
Description Specifies that a health care related organization must establish (and implement as needed) procedures for obtaining necessary electronic protected health information during an emergency.
ID TD_AccessControlEmergencyAccessProcedure
Provider Reference
 TD  Access Control - Automatic Logoff, v1.0
Description Specifies that a health care related organization must implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.
ID TD_AccessControlAutomaticLogoff
Provider Reference
 TD  Access Control - Encryption and Decryption, v1.0
Description Specifies that a health care related organization must implement a mechanism to encrypt and decrypt electronic protected health information.
ID TD_AccessControlEncryptionandDecryption
Provider Reference
 TD  Audit Controls on Hardware and Software, v1.0
Description Specifies that a health care related organization must implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
ID TD_AuditControlsonHardwareandSoftware
Provider Reference
 TD  Audit Controls Procedures, v1.0
Description Specifies that a health care related organization must implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.
ID TD_AuditControlsProcedures
Provider Reference
 TD  Integrity of e-PHI Policies, v1.0
Description Specifies that a health care related organization must have policies to protect electronic protected health information from improper alteration or destruction and must have policies for electronic mechanisms to corroborate that electronic protected health information has not been altered or destroyed in an unauthorized manner.
ID TD_IntegrityofePHIPolicies
Provider Reference
 TD  Integrity of e-PHI Procedures, v1.0
Description Specifies that a health care related organization must implement procedures to protect electronic protected health information from improper alteration or destruction and must implement electronic mechanisms to corroborate that electronic protected health information has not been altered or destroyed in an unauthorized manner.
ID TD_IntegrityofePHIProcedures
Provider Reference
 TD  Person or Entity Authentication, v1.0
Description Specifies that a health care related organization must implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed.
ID TD_PersonorEntityAuthentication
Provider Reference
Also available as XML or JSON