For this, the official needs to adhere to the Privacy and Security Rules and make sure that access to information is granted to various roles and designations, as deemed necessary. Furthermore, they will need to arrange for sessions, educating their workforce about the sensitivity of the data they will be handling, and the correct way of working with ePHI. Subsequently, the official will need to make sure that his department has enabled “Facility Access and Control” and “Workstation and Device Security” (Regola & Chawla, 2013). As a last step, the technical safeguards such as access control, audit controls, integrity controls, and transmission security need to be prepared. Best practices would entail the review and update of all policies and protocols on a regular
For this, the official needs to adhere to the Privacy and Security Rules and make sure that access to information is granted to various roles and designations, as deemed necessary. Furthermore, they will need to arrange for sessions, educating their workforce about the sensitivity of the data they will be handling, and the correct way of working with ePHI. Subsequently, the official will need to make sure that his department has enabled “Facility Access and Control” and “Workstation and Device Security” (Regola & Chawla, 2013). As a last step, the technical safeguards such as access control, audit controls, integrity controls, and transmission security need to be prepared. Best practices would entail the review and update of all policies and protocols on a regular