Table of Contents SEC 01.01 Risk Analysis SEC 01.03 Sanctions SEC 01.04 Information System Activity Review SEC 02.01 Designation of Security Official SEC 03.01 Authorization and Supervision SEC 03.02 Workforce Clearance SEC 03.03 Termination Procedure SEC 04.01 Isolating HealthCare Clearinghouse Functions SEC 04.02 Access Authorization SEC 04.03 Access Establishment and Modification SEC 05.01 Security Reminder SEC 05.02 Protection from Malicious Software SEC 05.03 Log-In Monitoring SEC 05.04 Password Management SEC 05.05 Training SEC 06.01 Response and Reporting SEC 07.01 Data Backup Plan SEC 07.02 Disaster Recovery of EPHI SEC 07.03 Emergency Mode Operations SEC 07.04 Testing and Revision SEC 07.05 Applications and Data Criticality Analysis SEC 08.01 Periodic Evaluation of Standards SEC 09.01 Business Associate Contracts and Other Agreement SEC 10.01 Contingency Operations - Facility Access SEC 10.02 Facility Security Plan SEC 10.03 Access Control and Validation SEC 10.04 Maintenance Records SEC 11.01 Acceptable Use SEC 11.02 Workstate Secuirty SEC 12.02 Accountability Tracking Equipment and Media SEC 12.03 Data Backup and Storage SEC 13.01 Unique User Identification SEC 13.02 Emergency Access SEC 13.03 Automatic Logoff SEC 13.04 Encryption and Decryption SEC 14.01 Audit Controls SEC 15.01 Data Integrity SEC 16.01 Mechanism to Authenticate EPHI SEC 17.01 Verification of Identity SEC 18.01 Integrity Controls SEC 18.02 Encryption
Table of Contents
