HHS to Start Auditing For HIPAA Compliance

Wednesday, September 14, 2011

Contributed By:
Emmett Jorgensen

Article by Emmett Jorgensen

Later this year the Department of Health and Human Services (HHS) will begin auditing health providers to ensure they are in compliance with the Health Insurance Portability and Accountability Act (HIPAA).

Despite both HIPAA and the HiTECH Act, healthcare data breaches have been popping up regularly in the news.

A recent study found that over 70% of hospitals had patient data breaches last year.

These numbers have generated concern over Healthcare’s adoption of security procedures and the overall effectiveness of HIPAA.

Although HIPAA requires healthcare organizations to encrypt all electronic protected health information (EPHI) they have been slow to implement the security needed to meet the HIPAA guidelines.

The audits appear to be an attempt to address these concerns and motivate healthcare providers to step up their security measures to protect patient data.

Providers failing to comply with these HIPAA audits face potential fines and negative publicity.

For more information on HIPAA, checkout these resources:

- An Introductory Resource Guide to Implementing the HIPAA Security Rule (PDF)

- HIPAA Survival Guide

Cross-posted from Kanguru Blog – Technology on the Move!

Share This! |

Views:	5167
Categories:	HIPAA
Industries:	Healthcare Provider
Tags:	breaches HIPAA Compliance Data Loss Prevention HITECH Healthcare

Post Rating I Like this!

Comments:

Colleen Curtin All the more reason to check this out...a great HIPAA and HITECH-compliant secure messaging solution, for replacing and supplementing pagers: https://miSecureMessages.com/h...
It's an app for smartphones and tablet devices that makes your device alert you like a pager with a secure message (except it saves you money because it costs Less than paging services and you can Do More with it--you can even secure message back and forth between your colleagues!). Your messages are received and sent instantly.
It even ties in with our OnCall Scheduling solution--letting you see your oncall schedule and change your status.
You'll love using it instead of that old pager, and so will your healthcare organization's budget!

1316195315

Colleen Curtin that link is https://miSecureMessages.com/howItWorks.php

1316195343

Online Tech Encryption isn't technically required by HIPAA, but is considered a best practice. Do you know if they are auditing business associates as well?

1316447289

Emmett Jorgensen I don't believe this first round of audits will target the business associates of healthcare providers. However, since HIPAA preaches training everyone involved in the handling of sensitive information, I think it will eventually move in that direction.

1316453089

You Must Register or Login to Comment

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked

Latest Member Comments

"I thought this article discuss a very important issue of security.If we have well developed technology in one particular field then we ..."

Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013

"ATM machine are for our convenience but if we are not careful they can compromise our safety. Discount theater tickets "

ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013

"A expressive case study is used to explore causation in order to find underlying principles. Case studies may be prospective in which c..."

New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013

"In the social sciences and life sciences a case study or case report is a descriptive or descriptive analysis of a someone, group or ev..."

Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013