Which of the following is an example of a physical safeguard in HIPAA?

Facility access controls are a critical component of physical safeguards under HIPAA because they focus on protecting the physical environment where electronic protected health information (ePHI) is stored and processed. These controls include measures such as security guards, keys, or access cards, surveillance cameras, and locks that ensure only authorized personnel can access areas containing sensitive information.

Implementing effective facility access controls helps to prevent unauthorized access, theft, or physical damage to the information systems and environments that house ePHI. This is essential to maintaining the confidentiality, integrity, and availability of health information.

The other options pertain to different types of safeguards. Data encryption technology is an example of a technical safeguard, which involves using advanced technology to protect data. Employee training on data security is an administrative safeguard that focuses on educating staff about best practices for handling sensitive information. Secure password policies also fall under technical safeguards, ensuring that only authorized individuals can access sensitive systems. These distinctions are important in understanding the comprehensive approach required by HIPAA to protect health information.