Technical and Physical Safeguards Outlined in the HIPAA Security Rule
The HIPAA security rule outlines the requirements for the protection of electronic PHI (Patient Health Information). While most healthcare professionals and stakeholders know about HIPAA, many do not fully appreciate its significance in their day-to-day operations, particularly in the area of security. If your organization collects health information, getting compliant now will help you avoid penalties such as fines, legal fees or harm to reputation. Following are the technical and physical safeguards needed under the HIPAA security rule:
Technical Safeguards Required:
Network Encryption
Control Access
Authenticate ePHI
Encrypt Devices
Control Activity Audits
Enable Automatic Log Off
Physical Safeguards Required:
Control Facility Access
Manage Workstations
Protect Mobile
Track servers
Administrative Safeguards Required:
Risk Assessment
Systematic Risk Assessment
Train Your Staff
Build Contingencies
Block unauthorized access
Document all security incidents
HIPAA Privacy Rule
This is in place to make sure that PHI is protected. The privacy rule includes:
Prompt Response to patient access requests
Notice of privacy practices
Privacy training
Do not succumb to corruption
Get authority
Update your copy
Organizations must be aware of HIPAA compliance and follow the right steps to be compliant with HIPAA and protect the electronic Patient Health Information.