October 3rd, 2016
The HIPAA Security Rule requires covered entities to implement “appropriate” security measures and to maintain such precautions in a manner that is both “continuous” and “reasonable” in order to protect electronic protected health information (“e-PHI”). The HIPAA Security Rule identifies two different types of implementation specifications in its attempt – regrettably, only partially successful -to guide efforts to meet these laudable, but highly elastic, standards.
Read more of this co-written contributed article
from Eric Armstrong, Controller and Compliance Manager at WhamTech