The Health Insurance Portability and Accountability Act (HIPAA) Final Rule on Security Standards, issued on February 20, 2003, was enacted to ensure the confidentiality, integrity, and availability of electronic protected health information (EPHI). It lays out three types of security safeguards for EPHI that covered entities are required to put in place: administrative, physical, and technical. For each of these types, various security standards are identified; and for each standard, both required and addressable implementation specifications are provided. Specifications must be carefully interpreted to meet HIPAA intent while also fitting within an organization’s operations. AppliedTrust’s extensive experience in healthcare gives you a partner who can help you interpret and address HIPAA requirements in a reasonable way.
The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009, widens the scope of privacy and security protections available under HIPAA, increases potential legal liability for non-compliance, and provides more enforcement of HIPAA rules.
Regulations such as the HIPAA Security Rule give healthcare-related organizations guidance regarding how they develop and implement IT security practices and systems for capturing, storing, and securing electronic healthcare information, but their scope can be overwhelming to organizations that are subject to comply, leaving them unsure of where to even start.
Let us bring a practical approach to your HIPAA compliance efforts. Call us at (303) 245-4545 or contact us online.