Free Articles, Free Web Content, Reprint Articles
Sunday, May 28, 2017
 
Free Articles, Free Web Content, Reprint ArticlesRegisterAll CategoriesTop AuthorsSubmit Article (Article Submission)ContactSubscribe Free Articles, Free Web Content, Reprint Articles
 

Patient Information - The HIPAA Challenge

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 has fostered the use of electronic transactions, simplifying healthcare administration and reducing overhead. However, the...

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 has fostered the use of electronic transactions, simplifying healthcare administration and reducing overhead.

However, the computerization of patient records has created an increased security risk from various sources, such as intrusion attempts, unauthorized internal access and other security attacks. HIPAA therefore mandates security measures be taken to protect sensitive data, ensuring that only patients and their healthcare providers have access to patient medical information. According to the Final Rule of the Act’s Health Insurance Reform: Security Standards, HHS states:

“Section 1173(d) of the Act provides that covered entities that maintain or transmit health information are required to maintain reasonable and appropriate administrative, physical, and technical safeguards to ensure the integrity and confidentiality of the information and to protect against any reasonably anticipated threats or hazards to the security or integrity of the information and unauthorized use or disclosure of the information. These safeguards must also otherwise ensure compliance with the statute by the officers and employees of the covered entities.”

The Title II Administrative Simplification Security Rule states that specific security issues related to transmitting and storing patient data must be addressed. Safeguard initiatives where solutions must be implemented include:

  • Security Management Process
  • Administrative Safeguards
  • Assigned Security Responsibility
  • Workforce Security
  • Information Access Management
  • Security Awareness and Training
  • Security Incident Procedures
  • Contingency Plan
  • Evaluation
  • Business Associate Contracts and Other Arrangements
  • Physical Safeguards
  • Facility Access Controls
  • Workstation Use
  • Workstation Security
  • Device and Media Controls
  • Technical Safeguards
  • Access Control
  • Audit Controls
  • Integrity
  • Person or Entity Authentication
  • Transmission Security

To comply with HIPAA regulations and protect patient information, healthcare organizations need to update their legacy computer systems, ramping up their information security capabilities, and defining and implementing business processes that align with security objectives.

The HIPAA Security Standards do not specify particular technology requirements, so each affected healthcare organization must assess its own risk and develop security measures accordingly. Organizations must then certify their security programs through self-certification or by a private accreditation entity.

Addressing the HIPAA Security Rule and implementing the technical, administrativeFeature Articles, and physical safeguards that will ensure compliance requires a comprehensive information security program.

Source: Free Articles from ArticlesFactory.com

ABOUT THE AUTHOR


Katherine Janiszewski plays a crucial role as Marketing Manager of netForensics. Founded in 1999, netForensics is based on a culture of excellence and innovation. Their team of leading experts understands the ever-evolving security threat and compliance needs of today’s organizations, including HIPAA Data. For more information, visit netForensics.com.



Health
Business
Finance
Travel
Technology
Home Repair
Computers
Marketing
Autos
Family
Entertainment
Education
Law
Communication
Sports
Other
ECommerce
Home Business
Self Help
Internet
Partners


Page loaded in 0.082 seconds