The HIPAA Security Rule defines “confidentiality” to mean that electronic protected health information (e-PHI) is not available or disclosed to unauthorized persons. This means that the HIPAA Privacy Rule’s prohibits against improper uses and disclosures of PHI. Also, e-PHI is only available and usable on-demand by an authorized person.
Employee’s access to E-PHI entails the Implementation procedures to authorize and supervise employees who work with PHI, and for allowing and prohibiting PHI access to employees. It ensures that an employee's access to PHI ends with termination of employment.