Administrative controlRisk Management ProcessAssigned Security ResponsibilityWorkstation Security (administrative safeguard) is actions, policies and procedures taken by and administration to manage the selection, development and implementation and maintenance of security measures to protect ePHI. The HHS identifies the administrative controls necessary for HIPAA compliance.Policies and ProceduresInformation Access ManagementSecurity Awareness and TrainingSecurity Incident ProceduresContingency PlanEvaluationBusiness Associate Contracts-       Risk Management is a required implementation specification, with purpose to address risks and vulnerabilities of ePHI. Through risk management healthcare organization can identify and implement security measure deemed appropriate to reduce risk to acceptable standards.-       Assigned Security Responsibility identifies who is operationally responsible in assuring that covered entities comply with HIPAA security rules. Covered entities are therefore required to designate a Privacy Official who will ensure HIPAA privacy and security rules followed.Technical safeguards include mechanisms that can be configured to automatically help secure data. It is the technology, policy and procedures used to protect ePHI and to control access.The following technical controls deemed necessary for HIPAA compliance by the HHS:Access ControlAudit ControlsIntegrityPerson or Entity AuthenticationTransmission Security-       Access controls provide authorized users with rights and/or privileges to access and perform functions using information systems, applications, programs, or files. These authorized users can only access the minimum necessary information needed to perform job functions (Gazelle Consulting, 2019)).-       User identification is a way to identify a specific user of an information system, typically by name employee ID number. And these users can only have access during work hours. If an authorized user is not scheduled to work that day, he/she would not be able to access ePHI. A unique user identifier allows an entity to track specific user activity when that user is logged into an information system. It enables an entity to hold users accountable for functions performed on information systems with ePHI when logged into those systems. Physical safeguards are security controls put in place to guard the facilities housing PHI and devices. Physical safeguards are designed to prevent unauthorized users from walking off with your server or plugging a USB cable directly into your wi-fi router.The following physical controls are found necessary for HIPAA compliance:Facility AccessWorkstation UseWorkstation SecurityDevice and Media Controls-       Facility Access Control requires covered entities to Implement policies and procedures to limit physical access to its electronic information systems and the facility or facilities in which they are housed but ensures properly authorized access is allowed (HHS.gov). –       With Workstation Use, Workstation Security standard requires that covered entities Implement physical safeguards for all workstations that access electronic protected health information, to restrict access to authorized users. For example, by using privacy monitor screens, and cubicle workstations.READ THE ABOVE. What do you agree and disagree with? What did you find interesting? What else might you add? Explain.Health ScienceScienceNursing HCI 655

Don't use plagiarized sources. Get Your Custom Essay on
Administrative controlRisk Management ProcessAssigned Securi
Just from $10/Page
Order Essay

Order your essay today and save 10% with the discount code ESSAYHELP