HIPAA Compliance
Protecting Patient Health Information.
The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law enacted to modernize the flow of healthcare information and stipulate how Protected Health Information should be secured.
Key HIPAA Rules
The Privacy Rule: Sets national standards for the protection of individuals' medical records and other identifiable health information (PHI).
The Security Rule: Sets standards for the security of electronic Protected Health Information (ePHI).
The Breach Notification Rule: Requires notification following a breach of unsecured protected health information.
Best Practices
Minimum Necessary: Only access, use, or disclose the minimum amount of PHI necessary to accomplish your job duties.
Secure Communication: Use encrypted email and secure messaging when transmitting ePHI.
Physical Security: Ensure physical documents containing PHI are stored securely and computer screens are not visible to unauthorized persons.