Answer:
The HIPAA security rule defined the technical security safeguards under the following categories : Access control, Audit control, Integrity, Authentification and transmission security.
Explanation:
Apart from the administrative and physical safeguards, the HIPAA requires from all facilities dealing with health information to:
- determiine the right user with permissions to carry out their defined functions through the facility programs or information systems (access control),
- establish and implement all hardware, software and procedures that have to record, analyse or transmit health data (audit control),
- establish security measures to avoid alteration or modification of health information that is transmitted electronically, without detection (integrity),
- ensure all users are verified and authorised to carry out their functions (authentification),
- safeguard data transfer and prevent unauthorised transmission ( transmission safety).
Other measure that could be addressed include encrypting health data, automatic log-off and also adapting the type of control to the size of the the facility and possibly reduce cost.
