[ Wednesday, October 06, 2010 ]
This has been a HIPAA requirement from day one; only those with a need to know should have access to PHI. But implementation and fine-tuning of access management policies in light of HITECH has raised the profile of the issue. It's definitely a security issue, since many breaches are caused by employees or contractors who perhaps shouldn't have access to the data in the first place. Now there's a white paper
out the issue.
Jeff [9:49 AM]
Blogger: HIPAA Blog - Edit your Template