What Are Administrative Controls?

What Are HIPAA Administrative Safeguards to Protect ePHI?

One of the HIPAA Security Rule requirements is that covered entities and business associates have administrative controls in place. Once you have completed your HIPAA risk analysis, you should have a good idea of what administrative controls are appropriate for your organization to protect ePHI. Having administrative safeguards in place is important for both the prevention and mitigation of a data breach.

Stephanie Rodrigue discusses HIPAA Administrative Safeguards

What are Administrative Safeguards?

According to the Office for Civil Rights, the Security Rule defines administrative safeguards as, “administrative actions, and policies and procedures, to manage the selection, development, implementation, and maintenance of security measures to protect electronic protected health information (ePHI) and to manage the conduct of the covered entity’s workforce in the relation to the protection of that information.”

Examples of administrative controls can be things like employee training, security awareness, written policies and procedures, incident response plans, business associate agreements, and background checks.

In order to satisfy this requirement, your organization must demonstrate and provide evidence that you have the appropriate administrative controls in place and that they are operating effectively. This means that your risk analysis results have been analyzed, and the appropriate administrative controls and security measures have been put in place to effectively address these risks. For more help on determining whether you have the appropriate administrative controls in place, contact us today.

2 replies

Trackbacks & Pingbacks

  1. […] are three types of required safeguards to protect ePHI: administrative, technical, and physical. Administrative safeguards cover personnel, training, access and process. […]

  2. […] includes the auditor’s determination of the level of compliance with the HIPAA Security Rule’s Administrative, Physical, and Technical Safeguards.  These safeguards are an important part of preventing and […]

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *