
The Security Rule Of The HIPAA

The acronym HIPAA stands for the Health Insurance Portability and Accountability Act, which Congress voted to enact in 1996. HIPAA was designed to address several issues related to health insurance coverage and confidentiality of medical data. One of the regulations put in place under HIPAA is the Security Rule, which was confirmed in 2003 and had a compliance date of 2005. While the Security Rule is similar to the Privacy Rule in that it was put in place to protect the confidentiality of personal medical records, it differs from the Privacy Rule in that it deals solely with electronic information. The Security Rule covers three security areas: administrative, physical, and technical.

 

The Administrative Aspect

Compliance with this part of the Security Rule requires that medical facilities create and follow a standard privacy procedure. A privacy officer must also be designated, who will be responsible for drawing up and enacting this privacy procedure. Under the security procedures, employees allowed access to sensitive electronic health information must be clearly identified. Such access must be limited to employees who require such information in order to properly carry out their job functions. The company must also ensure that any employees obtained through outsourcing come from an external company that also has a privacy procedure and complies with HIPAA regulations. Contingencies for situations such as backup of data and data recovery must be covered, and frequent audits should be conducted and properly documented.

The Physical Aspect

This portion of the Security Rule governs the safety and physical access aspects of the hardware and software used in the processing and storage of medical information. There must be a system in place to permit physical access only to those who are authorized. Maintenance records, security checks, and visitor sign-ins must be carefully monitored and documented for future reference. Any monitor screens that are used to display sensitive medical information must be situated such that unauthorized persons will not be able to view content displayed on the screens, and placing them in areas with high human traffic should be avoided. The disposal of old equipment must be conducted carefully, and care must be taken to ensure that no sensitive information is contained in any of the equipment being disposed of.

The Technical Aspect

This section of the Security Rule is concerned with ensuring that the computer and network systems are secure against external intrusion and that data being transmitted across the network is safe from interception by unauthorized parties. Information transmitted on open networks must be encrypted, and authentication procedures such as user names and passwords must be put in place to prevent unauthorized access. In addition, data should not be changed in any way, and data corroboration will be carried out in order to ensure the integrity of the data.

Medical facilities are required by law to follow the many regulations of the HIPAA Security Rule. All this is done so as to ensure the safety and integrity of any personal medical information stored and processed electronically, and to prevent such information from inadvertently falling into the wrong hands.



 
