Frequently Asked Questions

What is the purpose of the HIPAA Security Rule?

Are we required to certify our organization’s compliance?

How can we know if our organization meets the HIPAA Security Rule requirements?

Who should perform the required Risk Assessment?

Does the Security Rule apply to written and oral communications?

Does the Security Rule require the use of specific technologies, software or tools?

What is the difference between addressable and required implementation specifications in the Security Rule?

Is the Security Rule suspended during a national or public health emergency?

Who enforces the HIPAA privacy and security standards?

Is the use of encryption mandatory in the Security Rule?

What does the Security Rule mean by physical safeguards?

What is the difference between Risk Analysis and Risk Management in the Security Rule?

What threats should covered entities address when conducting their risk analysis in order to comply with the Security Rule?

What must an organization do to comply with the Security Incidents Procedures standard?

How can a small healthcare provider implement the standards in the Security Rule?

Do the Security Rule requirements for access control apply to employees who telecommute or have home-based offices?

Can ePHI be sent in an email or over the Internet?

Does the Security Rule require the use of an electronic or digital signature?

Does the Security Rule mandate minimum operating system requirements for personal computer systems?

Are covered entities required to use the National Institute of Standards and Technology (NIST) guidance documents?

Does the Security Rule permit a covered entity to assign the same log-on ID or user ID to multiple employees?

Does the Security Rule allow us to connect computers within the covered entity, between two covered entities, or between a covered entity and its business associate(s) so that they can exchange information directly?

What are Administrative Safeguards within the Security Rule?

What are Physical Safeguards within the Security Rule?

What are Technical Safeguards within the Security Rule?

What are the key requirements for Policies & Procedures and Documentation?

What about State laws and preemption?

Is your organization HIPAA compliant?

Contact us to find out sooner rather than later.

Ask about our letters of attestation that demonstrate your compliance!