This article describes the HIPAA information access management requirements for
accessing electronic protected health information.
Not exact matches
OCR's investigation uncovered that North Memorial's business associate had
access to its hospital database containing
electronic protected health information (e-PHI) of more than 289,000 patients in order to perform payment and operations activities on its behalf.
«Implement policies and procedures for authorizing
access to
electronic protected health information that are consistent with the applicable requirements of subpart E of this part.»
An auditor will determine whether formal policies exist to control
access to backups of
electronic protected health information and related documentation in the event of a disaster.