Security Rule: Addressable Items

Standards	Sections	Implementation Specifications (R)=Required, (A)=Addressable
Workforce Security	[164.308(a)(3)]	Authorization and/or Supervision (A)
		Workforce Clearance Procedure (A)
		Termination Procedures (A)
Information Access Management	[164.308(a)(4)]	Access Authorization (A)
Information Access Management	[164.308(a)(4)]	Access Establishment and Modification (A)
Security Awareness and Training	[164.308(a)(5)]	Security Reminders (A)
		Protection from Malicious Software (A)
		Log-in Monitoring (A)
		Password Management (A)
Contingency Plan	[164.308(a)(7)]	Testing and Revision Procedure (A)
Contingency Plan	[164.308(a)(7)]	Applications and Data Criticality Analysis (A)
Facility Access Controls	[164.310(a)(1)]	Contingency Operations (A)
		Facility Security Plan (A)
		Access Control and Validation Procedures (A)
		Maintenance Records (A)
Device and Media Controls	[164.310(d)(1)]	Accountability (A)
Device and Media Controls	[164.310(d)(1)]	Data Backup and Storage (A)
Access Control	[164.312(a)(1)]	Automatic Logoff (A)
Access Control	[164.312(a)(1)]	Encryption and Decryption (A)
Integrity	[164.312(c)(1)]	Mechanism to Authenticate Electronic Protected Health Information (A)
Transmission Security	[164.312(e)(1)]	Integrity Controls (A)
Transmission Security	[164.312(e)(1)]	Encryption (A)