|
person
or entity authentication (HIPAA)
Covered entities
must implement person or entity authentication as a part of
their technical
safeguards. The Security
Rule defines this requirement as "implement[ation]
of procedures to verify that a person or entity seeking access
to electronic
protected health information
[PHI] is the one claimed. (Note
that there is no separate implementation
specification for this standard.)
"[M]any different
mechanisms may be used to authenticate' persons or entities,
so this required standard specifies no particular technologies.
(Final Rule, p.137)
See also:
|
