All HIPAA-related articles
Health data, due to its sensitive nature, has always been considered a special category of data and invariably falls under the jurisdiction of data protection regulations. Under the EU’s new General Data Protection Regulation (GDPR), it is explicitly classed as a special category of personal data under Article 9, which requires the strict application of the regulation’s requirements. In the US, health data is governed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), two interconnected acts which together guarantee its protection.
Regulated by the Department of Health and Human Services (HHS) and enforced by the Office of Civil Rights (OCR), HIPAA outlines the lawful use and disclosure of protected health information (PHI) and guarantees its …
A recent study released by the American Journal of Managed Care (AJMC) revealed that one third of healthcare data breaches in the US occur in hospitals. The researchers analysed breaches reported to the Office of Civil Rights (OCR). Under federal legislation, if a healthcare privacy breach affects 500 or more patients, institutions are obligated to inform the OCR about it. The details of the breach are then made publicly available on the OCR’s data breach portal.
The study looked at what types of breaches occur most often in hospitals, the kind of data that they target and how vulnerable healthcare institutions are to them. Covering breaches that occurred between October 2009 and July 2016, the researchers discovered that 215 hospitals were hit by breaches affecting over 6.5 million individuals.
The most common type of data breach, which occurred 112 times, was physical theft, which compromised…
Health-related data is moving more and more from paper to electronic records, which is changing how healthcare organizations and other industries that process healthcare records manage and protect their data today. Businesses that are involved in any way with the use or management of individuals' PHI (personal health information) need to ensure that they secure their sensitive data against loss or leakage by following security guidelines, like HIPAA, in order to avoid penalties.
What is HIPAA
The Health Insurance Portability and Accountability Act of 1996, HIPAA, provides data privacy and security measures for protecting medical information. The legislation is designed to protect the ePHI (electronic protected health information) of individuals, like Social Security Numbers, medical ID numbers, credit card numbers, drivers’ license numbers, home address,…