Administrative Safeguards
- Policies and Procedures Standards
- Information Security Strategy
- Documentation Standard
- Risk Analysis
- Risk Management
- TS-3 Sanction Policy
- TS-4 Information System Activity Review
- TS-5 Assigned Security Responsibility
- TS-6 Authorization and/or Supervision
- TS-7 Workforce Clearance Procedure
- TS-8 Termination Procedures
- Isolating Healthcare Clearinghouse Functions
- TS-10 Access Authorization Policy
- TS-11 Access Establishment and Modification
- TS-12 Security Reminders
- TS-13 Protection from Malicious Software
- TS-14 Log-in Monitoring
- TS-15 Password Management
- TS-16 Response and Reporting
- TS-17 Data Backup Plan
- TS-18 Data Recovery Plan
- TS-19 Emergency Mode Operation Plan
- TS-20 Testing and Revision Procedure
- Applications and Data Criticality Analysis
- TS-22 Evaluation Policy
Physical Safeguards
- TS-24 Contingency Operations
- TS-25 Facility Security Plan
- TS-26 Access Control and Validation
- TS-27 Maintenance Records Policy
- TS-28 Workstation Use Policy
- Workstation Security
- TS-30 Disposal Policy
- TS-31 Media Reuse
- TS-32 Accountability
- TS-33 Data Backup and Storage
