(a)(1) Standard: Access control. Implement technical policies and procedures for electronic information systems that maintain electronic protected health information to allow access only to those persons or software programs that have been granted access rights as specified in § 164.308(a)(4).
The Access control standard includes four (4) implementation specifications:
- (i) Unique user identification (Required).
- (ii) Emergency access procedure (Required).
- (iii) Automatic logoff (Addressable).
- (iv) Encryption and decryption (Addressable).
Latest posts by admin (see all)
- Clearwater Says New National Survey Findings A ‘Wake-up Call’ for Health System Cybersecurity - October 31, 2018
- Healthcare’s Most Wired: National Trends 2018 - October 31, 2018
- Clearwater’s IRM|PRO SAAS Platform Included in NIST SP 1800-8 “Securing Wireless Infusion Pumps” Practice Guide - October 2, 2018