What are HIPAA safeguards?

The HIPAA Security Rule outlines three types of safeguards — administrative, physical, and technical — to properly protect PHI. 

Administrative safeguards

Administrative safeguards help guide employees on how to properly use and store PHI. 

These safeguards are in place to:

  • Train workforce members about PHI protections
  • Resolve security incidents that may be a threat to PHI
  • Protect PHI during emergency situations

Physical safeguards

Physical safeguards protect the physical points of access to PHI. Physical safeguards set the stage for how employees should manage their workstation and mobile devices to keep sensitive information secure. 

Common physical safeguards include limits to facility access via surveillance cameras or ID badges and outlining proper and improper use of technology.

Technical safeguards

Technical safeguards protect against unauthorized access or alteration to PHI that’s stored electronically, such as in an application or system.