Health and Insurance Portability and Accountability Act (HIPAA Security Compliance)
The Health and Insurance Portability and Accountability Act, better known as HIPAA, includes Privacy and Security rules that protect patient health information. The goal of these uniform standards is to promote the secure flow of health information while supporting the highest levels of patient care.
CSI offers a variety of HIPAA compliance services to help you meet HIPAA compliance requirements.
HIPAA Security Compliance Rules
Per the Privacy and Security rules, covered entities are responsible for safeguarding Protected Health Information (PHI) from improper use, disclosure or destruction by developing appropriate security measures.
- Privacy Rule: Identifies which patient information is to be protected, including such data that identifies or could identify the patient as his/her name, address, date of birth or social security number
- Security Rule: Protects PHI that is created, received, maintained or transmitted electronically (e-PHI)
HIPAA applies to all healthcare providers, health plans and health clearinghouses, as well as those entities that interact with them by exchanging PHI. They must regularly review their security measures to adjust to new and emerging threats to the privacy and security of patient information.
The Privacy and Security rules are augmented by the Health Information Technology for Economic and Clinical Health (HITECH) Act. This act promotes the adoption of health information technology and requires all parties covered by HIPAA to report data breaches. HIPAA breach notifications and an accountability of disclosures must be made if a breach of unsecured PHI occurs.
Are You HIPAA/HITECH Compliant?
Although private individuals don’t have a cause of action to sue in the event of a HIPAA violation, the U.S. Department of Health & Human Services’ Office of Civil Rights can impose penalties up to $1.5 million for the most extreme violations.
CSI offers HIPPA compliance services to help businesses like yours meet federal requirements:
Contact CSI to learn more about how you can be HIPAA/HITECH compliant and avoid penalties and fines.