Posts


Does HIPAA regulation cover your business? There are two categories of entities who are regulated by HIPAA and are required to be in full compliance.

Covered Entity – This is the main focus of the original law. Covered entities are those who, in their normal activities, create, maintain, directly access and/or transmit PHI and ePHI. Examples of these entities are healthcare providers, clearinghouses, insurance plans, and employers who self-insure. [Note: In general, a specific individual is not considered a covered entity. Their employer is the covered entity. Individuals, however, still have a duty to support and ensure compliance and would likely face disciplinary action by their employer for individual behaviors that compromise compliance. Their employer would be the target of OCR fines and penalties.]



So you know you are regulated by HIPAA. But in a broad sense, what must your organization do to be in compliance? First and foremost, you need to understand what HIPAA and the HITECH Act are regulating. They regulate and enforce the security of an individual patient’s health information. The specific information being regulated is known as Protected Health Information (PHI), sometimes also known as Individually Identifiable Health Information (IIHI), and its subset, electronic Protected Health Information (ePHI). ePHI is simply PHI stored, maintained, etc. in digital form. These are defined as any data that can individually identify a patient. That means anything that can reasonably ID a patient. Examples include SSN, medical ID, age, vmail, URLs, driver’s license number, license plate numbers, photos, names of relatives, identified test results, telephone numbers, email and postal addresses, and medical images. As can be seen, this sweeps a large swath of data under the umbrella of protected information.


You deal with HIPAA every time you visit a medical office. But what is this law that seems to constantly appear anytime you get near a healthcare provider? HIPAA is the acronym for the Health Insurance Portability and Accountability Act of 1996. Aside from allowing for portability of health insurance for the individual, the law’s main reason for being is to ensure the protection and privacy of an individual’s medical data. HIPAA strictly regulates the security of medical data, and holds anyone who possesses or touches it in any way liable for any data breach that occurs. HIPAA (1996) and its younger cousin, the HITECH Act of 2006, strictly regulate and monitor the security of all individual medical data in the U.S.


For most of us, HIPAA is just some strange acronym for a law we stumble across every time we visit a doctor’s office or medical clinic. Something about signing to allow the office to have access to your medical records so they can treat you. Or something like that. However, if your business has a professional […]