HIPAA mandates that organizations conduct an assessment of potential risks and vulnerabilities to systems that maintain electronic protected health information (ePHI) data and that they implement security measures sufficient to reduce risks and vulnerabilities to that data. The security rule in HIPAA focuses on administrative, technical, and physical safeguards specifically as they relate to ePHI.
|
|