Physical security safeguards refer to the physical measures, policies, and procedures in place to protect a covered entity’s electronic information systems. It also includes related structures and equipment against natural and environmental risks, along with unlawful infiltration.
Why Are Physical Security Safeguards Important?
Physical safeguards are just as vital as administrative and technical safeguards since they ensure that data is physically safeguarded. Security systems and video monitoring, door and window locks, and server and computer locations are among them. They also cover mobile device regulations and the removal of hardware and software from specific sites.
What Happens If You Don’t Implement Physical Security Safeguards?
If you’re a covered entity, you must follow the HIPAA Security Rule or face stiff fines and penalties. The annual civil penalties range from $25,000 to $1.5 million. For instance, accessing, distributing, or utilizing electronic protected health information (ePHI) in an unauthorized manner might result in criminal charges. Heavy fines and imprisonment — up to $250,000 in fines and ten years in prison — are possible criminal consequences.
What Should You Do When A Breach Occurs?
Even with the most secure precautions in place, breaches can still occur. You must tell the affected parties in the event of a loss, theft, or certain other prohibited uses. Additionally, you have to notify the Secretary of the U.S. Department of Health and Human Services (HHS) and the media in the state or jurisdiction where the individuals live if the breach affects more than 500 people.
It’s important to understand the purpose of physical security safeguards and how to mitigate the hazards around them. Now that you know what these precautions are and why they exist, let’s work together to ensure that that you are implementing the proper physical safeguards.
Are you interested in learning more about physical security? Check out the rest of SIA Online today!
Desiree Macy is the Editorial Director of SIA Online Magazine which is frequented by security executives, corporate security officers, and private protection professionals each month. Desiree’s interests revolves around cyber-security, and business continuity.