Alert: New HIPAA Rules Could Affect Your Organization's Email System
On April 21, 2005 a new Health Insurance Portability and Accountability Act (HIPAA) security rule went into effect. The new rule affects many types of organizations, not just healthcare companies. Failure to adhere to the new guidelines could cost your company up to $250,000 per infraction! Make sure your email system complies with federal laws.
On April 21, 2005, a new Health Insurance Portability and Accountability Act (HIPAA) security rule went into effect. The requirements of this rule, which are basically information security best practices, focus on the three cornerstones of a solid information security infrastructure: confidentiality, integrity and availability of information.
The HIPAA regulatory requirements encompass transmission, storage and discoverability of Protected Health Information (PHI). Given the widespread use and mission-critical nature of email, enforcement of HIPAA encryption policies and the growing demand for secure email solutions, email security has never been more important to the healthcare industry than it is right now.
Although many assume it applies only to health care providers, HIPAA affects nearly all companies that regularly transmit or store employee health insurance information. HIPAA was signed into law in 1996 by former President Bill Clinton, with the intent of protecting employee health and insurance information when workers changed or lost their jobs. As Internet use became more widespread in the mid-to-late 1990s, HIPAA requirements overlapped with the digital revolution and offered direction to organizations needing to exchange healthcare information.
HIPAA in the Workplace
In addition to the usual concerns about privacy and security of email correspondence, even organizations that are not in the healthcare industry must now consider the regulatory compliance requirements associated with HIPAA. The Administrative Simplification section of HIPAA, which, among other things, mandates privacy and security of Protected Health Information (PHI), has sparked concern about how email containing PHI should be treated in the corporate setting. HIPAA, as it relates to email security, is an enforcement of otherwise well-known best practices that include:
Organizations regulated by HIPAA must comply and put these practices in place. However, the need to comply with regulations puts particular pressure on the healthcare industry to enhance their use of technology and “catch up” with other industries of similar size and scope.
Privacy and Email Security
The clock is ticking – it’s time to get started
Source: Free Articles from ArticlesFactory.com
ABOUT THE AUTHOR
Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security solutions. Learn how to make your email system comply with HIPAA regulations by visiting www.ciphertrust.com.