HIPAA Security Regulations
Jean C. Hemphill
Ballard Spahr Andrews & Ingersoll, LLP
November 30, 2004
Health Insurance Portability & Accountability Act of 1996 (“HIPAA”)
• Standard Electronic Transactions – October 16, 2003
• Privacy Rule – April 14, 2003
• Security – April 21, 2005
Security Regulations Objectives
• Keep electronic records confidential
• Keep records accessible to members
• Use records for intended purposes only
• Protect integrity of records from
  – Hackers
  – Viruses
  – Unauthorized disclosures
  – Inadvertent destruction
HIPAA Security Regulations
• Standards for
  – Administrative Safeguards
  – Physical Safeguards
  – Technical Safeguards
• Organizational Requirements
• Policies & Procedures
• Training & Sanctions
HIPAA Security Regulations
• Assessment of your organization’s current electronic security environment
  – Required standards
  – Addressable standards
• Examples of Required Standards:
  – Security incident procedure, data backup plan, disaster recovery plan, emergency mode operation plan
HIPAA Security Regulations
• By April 21, 2005
  – Designate a security official
  – Address the required measures
  – Consider the addressable measures
  – Document your policies and procedures
  – Update Business Associate Agreements
  – Train the workforce