Home
Hipaa Medical Release Resources
Top Links
Hipaa Consent Links
Privacy Policy
Sitemap
Sponsored Links

 
Navigation

Hipaa definition
Hipaa pre existing
Hipaa certification
Hipaa regulation
Hipaa medical records
Hipaa release
Hipaa eligible
Hipaa data
Hipaa violation
Hipaa policy
Hipaa form
Hipaa it
Hipaa privacy notice
Hipaa compliant
Hipaa enforcement
Books
HIPAA Plain & Simple: A Healthcare Professionals Guide to Achieve HIPAA and HITECH Compliance
HIPAA Plain & Simple: A Healthcare Professionals Guide to Achieve HIPAA and HITECH Compliance
by Carolyn P. Hartley Edward D., III Jones
Our Price: $64.87
Used from: $46.37

Stedman's Guide to the HIPAA Privacy & Security Rules
Stedman's Guide to the HIPAA Privacy & Security Rules
by Kathy Nicholls
Our Price: $44.50
Used from: $24.49

HIPAA for Health Care Professionals
HIPAA for Health Care Professionals
by Carole Krager Dan Krager
Our Price: $31.02
Used from: $6.85

HIPAA Survival Guide for Providers: Privacy, Security and the HITECH Act
HIPAA Survival Guide for Providers: Privacy, Security and the HITECH Act
by Carlos A. Leyva Deborah L. Leyva
The Practical Guide to HIPAA Privacy and Security Compliance
The Practical Guide to HIPAA Privacy and Security Compliance
by Kevin Beaver Rebecca Herold
Our Price: $87.75
Used from: $82.48


The Security Rule Of The HIPAA

The acronym HIPAA stands for the Health Insurance Portability and Accountability Act, which Congress voted to enact in 1996. The HIPAA was designed to address several issues related to health insurance coverage and confidentiality of medical data. One of the regulations put in place according to the HIPAA is the Security Rule, which was confirmed in 2003, and had a compliance data of 2005. While the Security Rule is similar to the Privacy Rule in that it was put in place to protect the confidentiality of personal medical records, it differs from the Privacy Rule in that it deals solely with electronic information. The three security areas that fall under the influence of the Security Rule are the administrative, physical, and technical areas.

  

The Administrative Aspect

Compliance with this part of the Security Rule requires that medical facilities create and follow a standard privacy procedure. A privacy officer must also be designated, who will be responsible for drawing up and enacting this privacy procedure. Under the security procedures, employees allowed access to sensitive electronic health information must be clearly identified. Such access must be limited to employees who require such information in order to properly carry out their job functions. The company must also ensure that any employees obtained through outsourcing come from an external company that also has a privacy procedure and complies with HIPAA regulations. Contingencies for situations such as backup of data and data recovery must be covered, and frequent audits should be conducted and properly documented.

The Physical Aspect

This portion of the Security Rule governs the safety and physical access aspects of the hardware and software used in the processing and storage of medical information. There must be a system in place to permit physical access only to those who are authorized to do so. Maintenance records, security checks, and visitor sign-ins must be carefully monitored and documented for future reference. Any monitor screens that are used to display sensitive medical information must be situated such that unauthorized persons will not be able to view content displayed on the screens. Areas with high human traffic should also be avoided. The disposal of old equipment must be conducted carefully, and care must be taken to ensure that no sensitive information is contained in any of the equipment being disposed of.

The Technical Aspect

This section of the Security Rule is concerned with ensuring that the computer and network systems are secure against external intrusion and that data being transmitted across the network is safe from interception by unauthorized parties. Information transmitted on open networks must be encrypted, and authentication procedures such as user names and passwords must be put in place to prevent unauthorized access. In addition, data should not be changed in any way, and data corroboration will be carried out in order to ensure the integrity of the data.

Medical facilities are required by law to follow the many regulations of the HIPAA Security Rule. All this is done so as to ensure the safety and integrity of any personal medical information stored and processed electronically, and to prevent such information from inadvertently falling into the wrong hands.


Leave a comment | View Comments

 


Office Depot

Videos

Loading...
Hipaa Policy News

Connectria Demonstrates 100% HIPAA Compliant Hosting

Connectria Hosting, a global managed hosting provider, today announced that it has successfully completed an independent HIPAA on-site assessment to confirm that its Managed Hosting services are compliant with the HIPAA standards and specifications.

Read more...

HIPAA changes could put healthcare IT companies on the hook

Changes expected to become law in coming months would make high-tech companies that deal with healthcare data - including those in the fields of biometrics, healthcare IT and even cloud hosting services that have healthcare organizations as clients - liable for data breaches under the federal HIPAA statute. But many such companies aren't aware the changes are afoot.

Read more...

HIPAA changes could put tech companies on the hook

Changes expected to become law in coming months would make high-tech companies that deal with healthcare data - including those in the fields of biometrics, healthcare IT and even cloud hosting services that have healthcare organizations as clients - liable for data breaches under the federal HIPAA statute. But many such companies aren't aware the changes are afoot.

Read more...

MajescoMastek and CIC Partnership Adds Electronic Signatures to Elixir North America Policy Administration System

At the ACORD LOMA Insurance Systems Forum MajescoMastek, the U.S. subsidiary of global technology solutions provider Mastek Limited and Communication Intelligence Cor

Read more...

Clearwater Compliance Announces New Reseller Program

Partnering with Clearwater Compliance allows compliance consultants and advisors to create new revenue streams by offering our HIPAA-HITECH software and solutions to their customers.(PRWEB) May 09, 2012 Today, Clearwater Compliance announced the establishment of a new Reseller program for HIPAA and HITECH compliance consultants and advisors. The program is aimed at helping business partners ...

Read more...
Copyright © 2006-2012 :: Hipaa :: All Rights Reserved.