Problem solve Get help with specific problems with your technologies, process and projects.

Physical security requirements under HIPAA

Are there physical security requirements that are detailed or assumed in HIPAA?
Overall, physical safeguards comprise 24% of the Security Rule, but the requirements are pretty vague. Regarding physical access controls, the rule has an addressable implementation specification that states, "Implement procedures to control and validate a person's access to facilities based on their role or function, including visitor control and control of access to software programs for testing and revision." I would recommend you read the entire physical controls section on page 46 of the Security Rule here.
For more info on this topic, please visit these SearchSecurity.com resources:
  • Security Policies Tip: Policy for the real world -- Physical security
  • Infosec Bookshelf: Securing the Enterprise
  • This was last published in January 2004

    Dig Deeper on HIPAA

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.