By Mark Keefe, President
HIPAA stands for the Health Insurance Portability and Accountability Act of 1996, which was enacted by Congress to protect sensitive patient data. The act contains a “Privacy Rule” and a “Security Rule,” which in turn protect the privacy of, and set standards for the security of, electronic protected health information (e-PHI).
The HIPAA Security Rule defines “confidentiality” to mean that e-PHI is not available or disclosed to unauthorized persons. The Security Rule’s confidentiality requirements support the HIPAA Privacy Rule’s prohibitions against improper uses and disclosures of PHI.
Taken together, these rules establish national standards for how companies working with sensitive patient data must ensure that data’s confidentiality, availability, and integrity.
A company working with healthcare data and patient records must ensure that all the required physical, network and process security measures are in place and strictly adhered to in accordance with HIPAA rules.
What it means to be HIPAA Compliant:
Any company that deals with patient health records or provides services to companies that work with patient health information must ensure that all of the required physical, network and process security measures are in place and followed according to the HIPAA Privacy and HIPAA Security Rules. The Security Rule requires Covered Entities to maintain reasonable and appropriate administrative, technical and physical safeguards for protecting e-PHI.
Specifically, Covered Entities must:
• Ensure the confidentiality, integrity and availability of all e-PHI they create, receive, maintain or transmit
• Identify and protect against reasonably anticipated threats to the security or integrity of the information
• Protect against reasonably anticipated, impermissible uses or disclosures
• Ensure compliance by their workforce
You can be confident that your customers’ sensitive information is protected at PrimeNet.