HIPAA Best Practices


HIPAA requires covered entities to safeguard protected health information (PHI) during access, use, disclosure and storage. These safeguards are required to ensure the privacy and security of the data. Safeguards include, but are not limited to:

  • Administrative Safeguards
    • Policies
    • Procedures
    • Agreements
    • Training
  • Physical Safeguards
    • Location
    • Physical access
  • Technical Safeguards
    • Encryption
    • Firewalls
    • Technical access controls