This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!! Overview
[{$pagename}] ([HIPAA]) is a [United States Federal Law] and a [Federal Health Care Law].
As our primary focus is "[data]", and specifically [Health information], we will concentrate on the "Security Rule" provisions and the data transmission related aspects of [{$pagename}].
%%warning
Never trust [{$applicationname}]. Always perform your own due diligence. [Standard Disclaimer|Standard Disclaimer]
%%
!! [Health Information Portability and Accountability Act (HIPAA)|http://aspe.hhs.gov/admnsimp/pl104191.htm]
In basic terms, the [HIPAA Privacy Rule] covers [Protected Health Information] in any medium, while the [HIPAA Security Rule] covers electronic [Protected Health Information].
Also known as the Kennedy-Kassebaum Act, the Act includes a section, Title II, entitled Administrative Simplification, requiring [Compliance]:
# Improved efficiency in healthcare delivery by standardizing electronic data interchange, and
# Protection of [confidentiality] and [security] of health data through setting and enforcing standards.
More specifically, HIPAA called upon the [United States Department of Health and Human Services] ([HHS]) to publish new [Regulatory compliance] rules that will ensure:
# Standardization of electronic [patient] health, administrative and [Financial Data]
# Unique health identifiers for individuals, employers, health plans and health care providers
# Security standards protecting the [confidentiality] and [integrity] of "individually identifiable health information," past, present or future.
Effective [compliance] requires organization-wide implementation. [Compliance] requirements include:
* Building initial organizational awareness of [HIPAA]
* Comprehensive assessment of the organization's [privacy] practices, information security systems and procedures, and use of electronic transactions
* Developing an action plan for [compliance] with each rule
* Developing a technical and management infrastructure to implement the plans
* Implementing a comprehensive implementation action plan, including
** Developing new policies, processes, and procedures to ensure [privacy], [security] and [patients]' rights
** Building business associate agreements with business partners to support HIPAA objectives
** Developing a secure technical and physical information infrastructure
** Updating information systems to safeguard [Protected Health Information] ([PHI]) and enable use of standard claims and related transactions
** Training of all workforce members
** Developing and maintaining an internal privacy and security management and enforcement infrastructure, including providing a [Privacy Officer] and a [Security Officer]
!! Data Generated By [Patient]
Generally, [Data] Generated By [Patient] is "mostly outside of the disclosure restrictions and requirements found in the [{$pagename}] ([HIPAA])"[1]
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Report on Best Privacy Practices for R&D in the Wearables|https://cdt.org/files/2016/05/2016-05-17-Fitbit-FNL1.pdf/|target='_blank'] - based on information obtained 2016-05-20