1670.015 HIPAA SECURITY: AUTHENTICATION AND AUDIT CONTROLS FOR ELECTRONIC PROTECTED HEALTH INFORMATION
Florida International University departments and units that create, maintain or transmit electronic protected health information (EPHI) must designate a HIPAA Security Administrator to perform data authentication checks in order to ensure the data is not improperly altered or destroyed. The designated HIPAA Security Administrator must report any suspicious findings to the HIPAA Privacy Officer and the University HIPAA Security Officer.
Software used to store electronic protected health information must have the ability to audit the access to, and integrity of this information. In addition, departments and units that create, maintain or transmit EPHI must enable all system and software auditing functions that may be used to track system activity. The University will continuously perform monitoring, inspection, testing and auditing of such systems and software access logs in order to ensure the confidentiality, integrity and availability of EPHI.
Published on 2017-12-13
Administrative Oversight & Contact Information
Office of University Compliance & Integrity
University Compliance & Privacy Officer
- Phone: 305--348-2216