NTENSE TECHNOLOGIES GROUP
 
 

HIPAA

Hipaa Law
Readiness Checklist

Case Studies

The Pain Institute
Satellite Healthcare

What is HIPAA?

On April 12, 2001 the Health Insurance Portability and Accountability Act (HIPAA) became law. HIPAA regulations are designed to improve efficiency and effectiveness through the use of electronic healthcare transactions. In doing so, data collection and paperwork can be dramatically reduced, confidential patient information can be properly protected and costly healthcare errors can be avoided.

HIPAA requires that the healthcare industry protect the privacy of patient records and promotes uniform security standard for the electronic transmission of patient-identifiable information. Existing systems used to store and access electronic data will have to be reevaluated. If they lack the capacity for adequate access control or auditing they will have to be enhanced or replaced.

HIPAA will undoubtedly cause major organizational and financial disruptions for many healthcare providers. For some, the Security Rule may be particularly daunting because it involves sophisticated information technology (IT) concepts and components that might not be available in their existing IT environment. Not surprisingly, many concerns will also exist about expensive, complex and time-consuming upgrades. Overall, compliance will require organizations to develop a detailed understanding of their IT systems to effect addressing those vulnerabilities.

However, implementation of sound security strategy and practice of ongoing security risk management is the best approach to meet the changing demands of the healthcare industry. Simply put, adopting the requirements of HIPAA's Security Rule makes good business sense. An organization lacking adequate protection risks inadvertent disclosure of patient data with resulting loss of public trust and potential legal action. Hacking and other security violations may be widely publicized seriously damaging and institution's community standing. In addition appropriate security protections are crucial for encouraging the growth and use of electronic data interchange. Given the threats facing organizations today, the potential costs on not reasonably addressing security risks could substantially exceed the cost of compliance.