3 Must Follow Steps to Protect ePHI and Comply with the HIPAA Security Rule

ePhi Data SecurityThe HIPAA Privacy Rule was enacted in 1996 to create protection standards for patients in the United States. While the Privacy Rule pertains to all protected health information, including paper and electronic, the Security Rule pertains specifically to electronic protected health information.

The Security Rule became effective in 2005 to establish national standards for the protection of individuals’ electronic personal health information (ePHI). The Security Rule applies to all health providers and covered entities that create, use, maintain, or transmit ePHI. The Security Rule requires physical, administrative, and technical safeguards to make sure the security and confidentiality of ePHI.

There’s a variety of potential threats and vulnerabilities that could leave ePHI at risk for disclosure, including:

  • Cybercriminals and displeased employees
  • Employee mistakes and mishandling
  • System outages
  • Disasters, natural and man-made
  • Portable device theft or loss

As a healthcare provider or covered entity, you must follow these important steps to protect ePHI:

Conduct a Risk Analysis

Conduct a complete risk analysis to identify all electronic personal health information, determine the risks and vulnerabilities to that information, and then document your current safeguards.

Mitigate the Risks

Develop a plan to mitigate risks to ePHI, then implement the safeguards from the plan into your current safeguards and business processes.

Update Policies and Procedures

Update your policies and procedures to make sure compliance with the HIPAA Security Rule at all times.

To learn more about HIPAA Security Rule compliance, give us a call at (425) 998-9199 or send us an email at cslade@silvertipit.com. Slivertip IT can help you safeguard ePHI and maintain HIPAA compliance.

IT Support Companies in Seattle
 
CLIENT FEEDBACK

“I can’t emphasize enough how much we rely on and trust the IT professionals from Silvertip IT. Silvertip is always available when needed, whether remotely, in our office, or over the phone.  We can rely on Silvertip IT whether it’s during office hours, evening hours, or on weekends. And believe me, we needed them because before they we found Silvertip we had our share of IT issues!”

-Shimizu and Shimizu CPA
read more»