HIPPA Security Rule
The Security Standards for the Protection of Electronic Protected Health Information (the Security Rule) establish a national set of security standards for protecting certain health information that is held or transferred in electronic form.
The Security Rule operationalizes the protections contained in the Privacy Rule by addressing the technical and non-technical safeguards that organizations called “covered entities” must put in place to secure individuals’ “electronic protected health information” (e-PHI). Within HHS, the Office for Civil Rights (OCR) has responsibility for enforcing the Privacy and Security Rules with voluntary compliance activities and civil money penalties.
A major goal of the Security Rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care. Given that the health care marketplace is diverse, the Security Rule is designed to be flexible and scalable so a covered entity can implement policies, procedures, and technologies that are appropriate for the entity’s particular size, organizational structure, and risks to consumers’ e-PHI.
HIPAA compliance requirements for Electronic Health Records (EHR) - Stage 1 and Stage 2 Meaningful Use Attestation
Risk Analysis - Meaningful Use Stage I objectives - privacy and security of protected health information (PHI)
Requirements, the risks, and the issues in using mobile devices - social networking for patient communications
New HIPAA Breach Notification rules-tips for preventing and preparing for breaches-the new penalties for non compliance- how to prepare for HIPAA audits
Significant changes to the HIPAA rules for Business Associates - the new challenges for HIPAA Covered Entities and Business Associates - new risks for non-compliance and penalties