HIPAA - Standards 164.306(c)

Overview:
A covered entity must comply with the standards as provided in this section and in § 164.308, § 164.310, § 164.312, § 164.314, and § 164.316 with respect to all electronic protected health information.

Action Items:
1) Obtain and review policies and procedures related to electronic protected health information classification and handling.
2) Evaluate and determine if the documents adhere to the standards outlined for properly handling electronic protected health information.

Related Documents:
1) Data Classification & Handling Policy

Additional Guidance:
All HIPAA covered entities must comply with the Security Rule. Compliance with the Security Rule means following the the standards, requirements, and implementation specifications of HIPAA. The Security Rule sets the standards for ensuring that only those who should have access to ePHI will actually have access.