HIPAA Compliance

Using hard drive full disc encryption for safety of electronic data

Healthcare providers often risk losing confidential and personal data when laptop computers are misplaced or stolen. Companies large and small, public and private, are all at risk.

The real and associated costs of data breaches are staggering: in 2006, corporations that experienced a data breach spent an average of $5 million trying to recover data. Customer relationships suffer, too; among consumers who discovered their data had been lost, 20 percent terminated their relationships with the company, another 40 percent considered terminating their relationships, and 5 percent considered legal action.

Federal laws such as the Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act (HIPAA) make the security of critical digital content–including the secure disposal of electronic files to end the data lifecycle–a fundamental requirement. On a state by state basis, 29 states thus far have enacted data protection legislation and 28 of these laws have provisions calling for the encryption of digital content.

Healthcare providers can opt for hard drive full disc encryption which protects everything with a single mechanism and point of entry. Hard drive full disc encryption is straightforward; it automatically protects every bit of computer data without any human intervention. It makes any data stored on a stolen or lost notebook unreadable and unusable forever. It can also automatically “repurpose” existing laptops or deny access to data when computers reach the end of their useful life. By simply changing the encryption key on the disc, all stored data is instantaneously rendered unreadable and unusable forever–saving both time and money.

The advantages of hard drive full disc encryption are clear; the dangers of stolen and misplaced laptops are overwhelming. To thoroughly protect sensitive information, government and business organizations must mandate hard drive full disc encryption–especially for mobile workers–to help keep data from falling into the wrong hands. The time to lock laptops down is now.

Civil and Criminal penalties for HIPAA violations

The authorities have made a point of imposing strict penalties on healthcare providers when HIPAA laws are violated. When the personal health information of any patient is unlawfully transferred from one source to another, the law imposes both criminal and civil penalties. The civil penalties for HIPAA violations include: The American … Continue reading

Importance of complying with the norms of the HITECH Act

The HITECH Act was signed in 2009 but took effect in 2010. HITECH intends to encourage the adoption and meaningful use of technology as it pertains to health information. HITECH strengthens civil and criminal enforcement of the existing HIPAA rules and regulations and for those not dealing with the electronic transmission of health information properly, … Continue reading

Why will you need to flash your photo ID during your doctor visit?

With the advent of 2011, you now not only have to sign a new privacy form every time you visit a doctor but also have to show your photo ID. This is because, as of December 31, 2010, new legislation designed to prevent the theft of your identity – colloquially called the “Red Flags Rule” … Continue reading

HIPAA Security Certification and Training

Certification training for information professionals applies directly to the storage and use of Protected Health Information (PHI) and the electronic version (EPHI). This is defined as any information which can directly identify an individual and any care received. This includes physical or mental care or state of health in the past, present, or future, as … Continue reading

What are the amendments to the Red Flags Rule?

The Red Flags Rule was delayed five times and finally came into effect on January 1, 2011. After the amendment to exclude health care providers and a few other industries, the rule now requires other businesses that lend money or allow consumers to make payments to take specific steps to minimize identity … Continue reading

What are the network security requirements under HIPAA?

The advancement of technology and the increasing exchange of patient information between health organizations, insurance providers and referral agencies expose patient information to a series of users and facilities. So, health-related organizations must meet certain technology requirements in terms of how their computer networks operate in order to comply with HIPAA. These network requirements provide … Continue reading

CMS to hold teleconferences on ICD-10 and HIPAA 5010 implementation

Last year, the Centers for Medicare & Medicaid Services (CMS) issued a reminder to health care providers, health plans, clearinghouses, and vendors about the approaching compliance dates for a new generation of diagnosis and procedure codes and updated standards for electronic health care transactions. It also stated that all entities covered under the Health … Continue reading

What are the advantages offered by HIPAA 5010?

HIPAA 5010 is the next step towards implementing Administrative Simplification between Healthcare Covered Entities. HIPAA 5010 paves the way for further standardization, providing Trading Partners with better communication and more efficient, less expensive business processes. In January 2009, CMS mandated conversion to HIPAA version 5010 by January 1, 2012. Generic enhancements made to all of the … Continue reading

How will HIPAA potentially impact FMLA Certification?

The Family and Medical Leave Act of 1993 (FMLA) is a United States federal law requiring larger employers to provide employees job-protected unpaid leave due to a serious health condition that makes the employee unable to perform his or her job, or to care for a sick family member, or to care for a new … Continue reading