HIPAA-Encryption.com












HIPAA PHI Compliance Blog


Recent Posts


FIPS Encryption Standards
This standard specifies the security requirements that will be satisfied by a cryptographic module utilized within a security system protecting sensitive but unclassified information (hereafter referred to as sensitive information). The standard provides four increasing, qualitative levels of security: Level 1, Level 2, Level 3, and Level 4.

HIPAA Compliance




HITECH Breach Notification Rule
Breach Notification for Unsecured Protected Health Information; Interim Final Rule


HIPAA Privacy Rule Summary
The Standards for Privacy of Individually Identifiable Health Information ("Privacy Rule") establishes, for the first time, a set of national standards for the protection of certain health information.


EdwardMortell.com

HIPAA PHI Security Standards & PHI Encryption Compliance

On September 23, 2009, new regulations expanding the privacy and security requirements under the Health Insurance Portability and Accountability Act (HIPAA) become effective.

The changes were adopted in the American Recovery and Reinvestment Act of 2009, which included legislation known as the HITECH Act (Health Information Technology for Economic and Clinical Health). The HITECH Act requires medical practices and other health care providers to notify individuals when their protected health information is breached. The Department of Health and Human Services (HHS) recently adopted the regulations necessary to enforce the new rules, significantly expanding some of the privacy and security requirements under HIPAA. The new regulations have company policy makers and information technology departments across the country making changes to better protect PHI. HIPAA-Encryption.com provides HIPAA compliance guidance and best practices for securing PHI.

Are your PHI policies and systems HIPAA compliant?

Whether you are a large medical center, private practice, medical billing company or somewhere in between, you are required by law to take the necessary steps to safeguard protected health care information. Protected health care information (PHI) can exist in many forms, both physical and digital, in a healthcare setting or medical office environment. Paper records, fax transmissions, digital media, computers, portable devices and even the spoken word all present challenges for institutions that handle PHI. The Health Insurance Portability and Accountability Act (HIPAA) defines numerous offenses relating to healthcare and sets civil and criminal penalties for them. The new regulations in the Health Information Technology for Economic and Clinical Health Act (HITECH Act) that become effective Sept 23, 2009 dramatically change compliance requirements and enforcement rules.