When It Comes to Security Compliance, Don’t Neglect Facilities; Audits Can Help

Ransomware may grab the headlines but covered entities (CEs) should also be sensitive to physical security vulnerabilities and relevant requirements in the HIPAA Security Rule.

“Physical safeguards are part of the three-legged stool—physical, technical and administrative safeguards,” said Robert Trusiak, an attorney in Buffalo, N.Y. Technical safeguards get the most attention because they relate to the “electronic security that you’re wrapping your cybersecurity infrastructure around,” he said. “Everyone talks about technical and to a lesser extent administrative safeguards, and often people don’t spend any time on physical safeguards. But you need to be mindful of it.”

This document is only available to subscribers. Please log in or purchase access.

Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field