Guide
To HIPAA Security
Overview - What is HIPAA?
HIPAA stands for the Health Insurance Portability
and Accountability Act of 1996. Title I of HIPAA governs portability
of health benefits, special enrollment rights, and non-discrimination
rules. Title II, Subtitle F of HIPAA governs "Administrative
Simplification."
The Administrative Simplification Rules are
intended to create a uniform system for processing, retaining,
and securing health care information by encouraging the use
of electronic technology, mandating standardization of health-related
transactions, and ensuring the security and privacy of health
information.
Most covered entities will have until April 21, 2005 to comply
with the HIPAA Security Standards. In the final Security Rule
there are three main components which you will need to address:
The regulation outline a realistic model for security management
that is flexible however, covered entities should not take
the flexibility provisions of the rule as a reason to ignore
security.
So, where should you begin?
A covered entity should perform an initial risk analysis
to assess the state of security for that facility. This Whitepaper
will help you think through the elements of that risk analysis
and assessment.
|
