Young hacker smiling

We hack your software

zero false positives

Expert intelligence + effective automation

REQ.113 Manage access points

This document contains the details of the security requirements related to the definition and management of access control in the organization. This requirement establishes the importance managing correctly the access points in the facilities defining a small and controllable number of them.

Requirement

Restricted areas must have a small and controllable number of access points.

References

  1. HIPAA Security Rules 164.308(a)(3)(i): Workforce Security: Implement policies and procedures to ensure that all members of its workforce have appropriate access to electronic protected health information, as provided under paragraph (a)(4) of this section, and to prevent those workforce members who do not have access under paragraph (a)(4) of this section from obtaining access to electronic protected health information.

  2. HIPAA Security Rules 164.310(a)(2)(iii): Access Control and Validation Procedures: Implement procedures to control and validate a person’s access to facilities based on their role or function, including visitor control, and control of access to software programs for testing and revision.


Service status - Terms of Use