HIPAA Security Rule Evaluation Checklist


This checklist addresses items for covered entities (which includes most group health plans) and their business associates to consider in complying with HIPAA’s Security Rule for PHI that is maintained or transmitted in electronic form (ePHI) (see 45 C.F.R. §§ 164.302-318) (the Security Rule). Specifically, the covered entity must: