Access to this system is restricted to authorized users only. Violators subject to imprisonment and/or fine. Continuing beyond this point certifies your understanding and compliance with all applicable restrictions and regulations.

  • Authorized users will establish access, management and internal data security controls and processes. Authorized users are responsible for/to:
  • 1. A signed Business Associates Agreement as the “covered entity” for access to and utilization of the AKAIMS.
  • 2. At a minimum, one “site administrator role” is designated to function in the administration and management of the Department Approved Providers respective AKAIMS account.
  • 3. Establish a provider-level “new user account” process that include “privilege management”; separation of duties or principal of least privilege to maximize role and role attributes.
  • 4. Establish a provider-level user access audit and review process for agency staff roles and permissions; review and validate their AKAIMS users in a periodic and timely manner.
  • 5. Establish a provider-level termination of accounts process.
  • 6. Report the status of controls in the environment to the DBH/ AKAIMS office, as requested.
  • 7. Conduct periodic security risk analysis.[1] Note: The HHS Office for Civil Rights' has issued Guidance on Risk Analysis, and in conjunction with ONC, a security risk assessment tool. Also, ONC offers a set of questions Nationwide Privacy and Security Framework.
  • 8. Provide ongoing security awareness and training. To safeguard patient health information, your workforce must know how to implement your policies, procedures, and security audits. HIPAA requires you as a covered provider to train your workforce on policies and procedures. Also, your staff must receive formal training on breach notification.
Upon selecting "Go", you may be asked if you want to close the window. Select "Yes" to access the system.