HIPAA Compliance:
The Health Insurance Portability and Accountability Act (HIPAA) sets forth national standards to protect the privacy of personal health information. Effective April 14, 2001, the privacy provisions of this federal law apply to "health information created or maintained by health care providers who engage in certain electronic transactions, health plans, and health care clearinghouses." These regulations also apply to Federal and State agencies which send or receive confidential medical information.
HIPAA was enacted to protect the individual's personal health information and, at the same time, give patients better access to their medical records. This patient data is regularly accessible not just in computer systems, but also on fax machines, over wireless communications and in paper 'hard copies'. HIPAA requires preventative measures to be implemented to ensure unauthorized people cannot view this confidential patient information when visiting a hospital or other medical-related facility.
Section 164.306, the statement of the general Rule, requires covered entities to:
- Ensure the confidentiality, integrity, and availability of all electronic protected health information (EPHI) the covered entity creates, receives, maintains, or transmits;
- Protect against any reasonably anticipated threats or hazards to the security or integrity of such information;
- Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required by the Privacy Rule; and
- Ensure compliance by its workforce.
For more information on HIPAA Requirements, refer to: http://www.hhs.gov/ocr/hipaa/