2. WHERE SECURITY OF HIPAA
BEGIN:
• SECURITY STANDARDS FOR THE PROTETION OF ELECTRONIC
PROTEDTED HEALTH INFORMATION BEGINS WITH ENSURING THE
ADMINISTRATIVE STAFF HAS CLEAR BACKGROUNDS.
• ENSURING EACH USER HAS AUTHORIZATION TO ACCESS THE
ELECTRONIC PROTEDTED HEALTH INFORMATION
• ENSURING THE TRAINING IMPLEMENT ALL THE SECURITY
STANDARDS
3. SECURITY REMINDERS
• PERIODIC SECURITY UPDATES
• AUTOMATIC EMAIL REMINDERS TO USERS
• DISCUSSION IN MONTHLY MEETINGS
• RETRAINING ON SECURITY PROCEDURES
4. PROTECTION FROM MALICIOUS
SOFTWARE
• PROCEDURES FOR GUARDING AGAINST, DETECTING, AND
REPORTING MALICIOUS SOFTWARE
• USERS MUST BE VIGILANT OF OPENING EMAILS, PROGRAMS
AND DOWNLOADING FROM THE INTERNET
• IMPLEMENTATION OF TRAINING IN REGARDS TO
MALICIOIUS SOFTWARE
5. LOG-IN MONITORING
• PROCEDURES FOR MONITORING LOG ON ATTEMPTS AND
REPORTING DISCREPANCIES
• MANY SYSTEMS CAN IDENTIFY MULTIPLE UNSUCESSFUL
ATTEMPTS WHICH RAISE CONCERNS
• WORKFORCE MUST BE MADE AWARE OF HOW TO USE AND
MONITOR LOG-IN ATTEMPTS
6. PASSWORD MANAGEMENT
• PROCEDURES FOR CREATING, CHANGING, AND
SAFEGUARDING PASSWORDS
• CREATE PASSWORDS THAT ARE A COMBINATION OF
SYMBOLS, NUMBERS AND CASE SENSITIVE
• ENSURE USERS DO NOT EXPOSE PASSWORDS OR SHARE
WITH OTHERS
