One of the most frequent questions asked is “How do I know for sure if I am HIPAA compliant?” Complying with the HIPAA Security Rules can be overwhelming; however, we are here to help!
Here are some of the electronic security elements that CEs may have to consider to be compliant:
The HIPAA Security Rules are categorized into Administrative, Physical and Technical.
The five technical safeguard standards are:
- access control
- audit controls
- integrity
- person or entity authentication
- transmission security.
Each standard has implementation specifications, which can be required or addressable. However, addressable does not mean “optional.”
The rule lays out the requirements and it is up to each individual organization to determine how to best meet the requirements, including which specific security technologies to implement.
Now, however, on an annual basis, HHS is required to issue “…guidance on the most effective and appropriate technical safeguards”. HHS is required to assess advances in information technology and security measures that CEs and BAs may use to control and protect their EPHI including, but not limited to:
- Firewalls
- Encryption
- Password authentication
- Digital signatures
- Secure, remote data backup
- Biometric access methods
- Anti-Spyware and Anti-virus software
- Security Auditing and Logging
- Smart cards
- Computer physician order entry (CPOE) systems
There are many elements required to be fully HIPAA compliant. Are you sure that you have all your bases covered?
Download our HIPAA Security Assessment Toolkit™ and make it simple to ensure that your business is compliant!
More HIPAA HITECH Resources:
The complete HIPAA Privacy, Security and Breach regulations are here.
We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.