Q

Physical security requirements under HIPAA

Are there physical security requirements that are detailed or assumed in HIPAA?
Overall, physical safeguards comprise 24% of the Security Rule, but the requirements are pretty vague. Regarding physical access controls, the rule has an addressable implementation specification that states, "Implement procedures to control and validate a person's access to facilities based on their role or function, including visitor control and control of access to software programs for testing and revision." I would recommend you read the entire physical controls section on page 46 of the Security Rule here.
For more info on this topic, please visit these SearchSecurity.com resources:
  • Security Policies Tip: Policy for the real world -- Physical security
  • Infosec Bookshelf: Securing the Enterprise
  • This was last published in January 2004

    Dig Deeper on HIPAA

    PRO+

    Content

    Find more PRO+ content and other member only offers, here.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close