Facility Access Controls. Business Associate shall maintain controls and procedures to limit physical access to information systems that transmit, transact or store PHI and the facility or facilities in which they are housed while ensuring that properly authorized access is allowed. Business Associate shall maintain controls and procedures to validate personnel access to facilities based on their role, including visitor controls.
Facility Access Controls a) Employees must be required to wear identification badges at all times in sensitive facilities.
b) Visitors must be required to be identified, sign in, wear temporary visitor badges, and be escorted in facilities containing Centene data.
c) Data center access to sensitive areas, such as a computer room, must require two levels of authentication.
d) Data center and other sensitive facilities access must be periodically reviewed to ensure that access is still valid.
e) Facility access logs must be retained for at least six (6) months and be reviewed as needed.
Facility Access Controls. The Company will maintain Facility Access control procedures to limit physical Access to its ePHI containing Information Systems and the Facility (or facilities) where they are housed, while ensuring that properly authorized Access is permitted. As applicable:
Facility Access Controls. 4.1.1 Contingency Operations 25 4.1.2 Facility Security Plan 25 4.1.3 Access Control and Validation Procedures 26 4.1.4 Maintenance Records 27 4.2 Workstation Use 28 4.3 Workstation Security 30
Facility Access Controls. 9.2.1 Employees must be required to wear identification badges at all times in sensitive facilities. DocuSign Envelope ID: AF111576-68A3-47A8-8856-AD6F3A8CCA3E
9.2.2 Visitors must be required to be identified, sign in, wear temporary visitor badges, and be escorted in facilities containing CSD data.
9.2.3 Data center access to sensitive areas, such as a computer room, must require two levels of authentication.
9.2.4 Data center and other sensitive facilities access must be periodically reviewed to ensure that access is still valid.
9.2.5 Facility access logs must be retained for at least six (6) months and be reviewed as needed.
Facility Access Controls. BUSINESS ASSOCIATE will implement policies and procedures to limit physical access to its electronic information systems that contain PHI (including but not limited to servers, databases, data archives, and data backups) and the facility or facilities in which they are housed, while ensuring that properly authorized access is allowed.
Facility Access Controls. CONTRACTOR shall maintain facility access controls, which limit physical access to the provider’s electronic information systems and the facilities in
Facility Access Controls. Implement policies and procedures to limit physical access to electronic information systems and the facilities in which they are housed only to those workforce members whose access is authorized by Vendor and is appropriate.
