Ask the Expert

Physical security requirements under HIPAA

Are there physical security requirements that are detailed or assumed in HIPAA?

    Requires Free Membership to View

Overall, physical safeguards comprise 24% of the Security Rule, but the requirements are pretty vague. Regarding physical access controls, the rule has an addressable implementation specification that states, "Implement procedures to control and validate a person's access to facilities based on their role or function, including visitor control and control of access to software programs for testing and revision." I would recommend you read the entire physical controls section on page 46 of the Security Rule here.
For more info on this topic, please visit these resources:
  • Security Policies Tip: Policy for the real world -- Physical security
  • Infosec Bookshelf: Securing the Enterprise

    This was first published in January 2004

  • There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: