HIPAA Security Rule

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was introduced to protect the privacy and safety of patients' health information. To meet this requirement, the U.S. Department of Health and Human Services (HHS) published the most notable rules knows as HIPAA Privacy Rule and HIPAA Security Rule.

HIPAA Security Rule - An Introduction
As per the HHS specification, the Security Standards for the Protection of Electronic Protected Health Information (the Security Rule) is a national set of security standards which protect health information that are either transferred or held in electronic form.

By working on safeguarding the technical and nontechnical information of "covered entities" and by securing individuals' "electronic protected health information" (e-PHI), the Security Rule makes the Privacy Rule protections operational.

Goal of HIPAA Security Rule
  • Protecting the privacy of individuals' health information
  • Assisting covered entities to adopt new technologies to improve the quality and efficiency of patient care.
  • Keeping in mind the diversity of the health care marketplace, the Security Rule has to be flexible and scalable. With these features, the security rule has a goal to help a covered entity implementing policies, procedures, and technologies that are appropriate for the entity's particular size, organizational structure, and risks to consumers' e-PHI. 
Who is Covered by the Security Rule
Like all Administrative Simplification rules, the Security rule is applicable to health plans, health care clearinghouses, and to any health care provider transmitting health information in electronic form in connection with a transaction for which the Secretary of HHS has adopted standards under HIPAA (the "covered entities").

Enforcement and Penalties for Noncompliance with HIPAA Security Rules
As per the HHS specification, the Security Rule is a set of national standards meant for confidentiality, integrity and availability of e-PHI. For proper execution and enforcement of Security rule, HHS and Office of Civil Rights (OCR) will be held responsible and they will also be authorized to conduct complaint investigations and compliance reviews.

Want to learn more about HIPAA Security Rules? ComplianceOnline Webinars are a great way to understand more about Security Rules. These industry leading and world class webinars are conducted by leading experts and professionals with more than 20 years experience in the field of HIPAA compliance. These webinars are easily available as on demand recordings and CDs at very affordable prices. If you want to provide world class training to your employees on HIPAA compliance and HIPAA Security Rules, ComplianceOnline webinars are the ways to go!

Auditing HIPAA Security Rule Compliance
Be Prepared for a HIPAA Security Audit
HIPAA Basics: Introduction to the Privacy and Security Standards
Auditing Requirements and IT Responsibilities for HIPAA electronic record security regulation