WGU MHA D511 HIPAA Security Rule Quick Reference Card.

WGU MHA D511 HIPAA Security Rule Quick
Reference Card.




HIPAA Security Rule
Quick Reference Card

, HIPAA SECURITY RULE QUICK REFERENCE CARD
Implementation Specification
Standard Section
R=Required, A=Addressable
Administrative Safeguards
Security §164.308(a)(1)  Risk Analysis R
Management  Risk Management
Process  Sanction Policy R
 Information System R
Activity Review R
Assigned Security §164.308(a)(2) R
Responsibility
Workforce §164.308(a)(3)  Authorization A
Security and/or
Supervision A
 Workforce
Clearance
Procedure
 Termination Procedures A
Information §164.308(a)(4)  Isolating Health Care R
Access Management Clearinghouse
Function A
 Access Authorization
 Access Establishment A
and Modification
Security §164.308(a)(5)  Security Reminders A
Awareness and  Protection from
Training Malicious Software A
 Log-in Monitoring
 Password Management A

A
Security Incident §164.308(a)(6)  Response and Reporting R
Procedures
Contingency Plan §164.308(a)(7)  Data Backup Plan R
 Disaster Recovery Plan
 Emergency R
Mode R
Operation Plan
 Testing and A
Revision
Procedure
 Applications and
Data Criticality A
Analysis
Evaluation §164.308(a)(8) R
Business §164.308(b)(1)  Written Contract or R
Associate Contracts Other Arrangement
© 2025 PAGE 2