Technical Safeguards
Technical Safeguards Protect PHI

Why Technical Safeguards?

Technical safeguards protect PHI and have become a major part of any HIPAA Privacy program. They are key elements that help to maintain the safety of ePHI as the internet changes.  Consequently technical safeguards are important due to technology advancements in the health care industry. The challenge of healthcare organizations is that of protecting electronic protected health information (EPHI).   Most importantly, this includes items such as electronic health records, from various internal and external risks.

Comply with Technical Safeguards

The Security Rule, requires for a covered entity to comply with the Technical Safeguard standards and certain implementation specifications.  A covered entity may use any security measures that allow it to reasonably and appropriately do so.

Define “Technical Safeguards”

The Security Rule defines technical safeguards as “the technology and the policy and procedures for its use that protect electronic protected health information and control access to it.”  Consequently, this rule is based on several fundamental concepts.  These are flexibility, scalability and technology neutrality. Therefore, no specific requirements for types of technology to implement are identified.

Implementing “The Security Rule”

The Rule allows the use of security measures.  Consequently, these allows it to reasonably and appropriately  implement the standards and implementation specifications.  Because of this the covered entity must determine which security measures and specific technologies are reasonable and appropriate for implementation in its organization.  There are a variety of  measures which can assist an organization to meet these standards.  A more detailed description can be found at the HIPAA Security Series published by HHS.gov.

The Importance of “The Security Rule”

Technical safeguards are important due to technology advancements.  The take away is that Technical Safeguards protect PHI.  Most importantly covered entities and business associates who deal with electronic PHI must review their use of Technical Safeguards to be fully in compliance.  

Feel free to contact us for more guidance on this important topic.