Why Security and Risk Analysis are a must for HIPAA Compliance and Meaningful Use Attestation?
Checking compliance and security, the Aegify way
In 1996, the Health Information Portability and Accountability Act, most commonly known as HIPAA, was passed with one of its goals being to ensure uninterrupted coverage for patients. Health Care Organizations (HCOs) need to be able to pass patient records and other data back-and-forth. For this to happen efficiently and reliably, healthcare records would need to become more portable (hence the ‘Portability’ in the act’s title). So the bill set forth new terminology and Electronic Data Interchange (EDI) code sets for transmitting data.
Two parts of HIPAA require attention:
- The Security Rule (164.306), which establishes safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (PHI).
- The Privacy Rule (164.502), which orders HCOs to protect PHI and defines the allowable uses and disclosures of PHI, in contrast to “de-identified” health information.
The assured portability of healthcare information plays a tremendous role in improving the safety, efficiency, and quality of healthcare. The act seeks to assure that anyone and everyone who participates in moving PHI from place-to-place accepts accountability that, at least in part, assures privacy.
Sweeping changes were made to the HIPAA privacy and Security Rules since they were first implemented with the Omnibus Final Rule, effective September 23rd, 2013.
Protected Health Information (PHI) includes any data, including demographic information that relates to any of the following:
- An individual’s past, present or future physical or mental health or condition.
- The provision of healthcare to an individual.
- The past, present, or future payment for the provision of health care to an individual that also identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.
- Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, and Social Security number).
Read more… Download the whitepaper
Related posts
