Security Safeguards
Access Control
Technical measures that restrict ePHI to authorized users and processes only.
Access Control is a HIPAA Security Rule technical safeguard requiring systems that hold ePHI to allow access only to authorized users and software processes.
Its required and addressable elements include unique user identification, emergency access procedures, automatic logoff, and encryption. Access control is how the minimum necessary standard is enforced in practice.