The three safeguards for the Security Rule are as follows:
Administrative safeguards are meant for the management, development, implementation, and maintenance of security to prevent electronic PHI from getting disclosed.
These safeguards are meant for administrations that use or store PHI. These are policies implemented by a covered entity to safeguard PHI.
The administrative safeguards make up at least half of the HIPAA security requirements. Covered entities must guide their employees regarding the proper use and care of electronic PHI and methods that protect against unauthorized breaches.