(a) A covered entity must, in accordance with § 164.306:
(4)(i) Standard: Information access management. Implement policies and procedures for authorizing access to electronic protected health information that are consistent with the applicable requirements of subpart E of this part.
The information access management standard has three(3) implementation specifications:
- (A) Isolating health care clearinghouse functions (Required).
- (B) Access authorization (Addressable).
- (C) Access establishment and modification (Addressable).
Latest posts by admin (see all)
- Clearwater Says New National Survey Findings A ‘Wake-up Call’ for Health System Cybersecurity - October 31, 2018
- Healthcare’s Most Wired: National Trends 2018 - October 31, 2018
- Clearwater’s IRM|PRO SAAS Platform Included in NIST SP 1800-8 “Securing Wireless Infusion Pumps” Practice Guide - October 2, 2018