The Health Insurance Portability and Accountability Act (HIPAA) is United States legislation that provides data privacy and security requirements for safeguarding medical information. The law was originally passed almost 30 years ago (in 1996) due to health data breaches caused by cyberattacks tied back to sloppy protective measures at health insurers and providers. In 2013, the HITECH Act added some much-needed updates to the act to reflect the migration to online and Internet service models.
Since 1996, HIPAA has been modified to include processes for safely storing and sharing patient medical information electronically. It also includes administrative simplification provisions, which are aimed at increasing efficiency and reducing administrative costs by establishing national standards.
In healthcare circles, adhering to HIPAA Title II is what most people mean when they refer to ‘HIPAA Compliance’. Also known as the Administrative Simplification provisions, Title II includes the following HIPAA compliance requirements:
A HIPAA-covered entity is any organization or corporation that directly handles protected health information (PHI) or personal health records (PHRs). Covered entities are required to comply with HIPAA and the Health Information Technology for Economic and Clinical Health (HITECH) Act mandates for the protection of PHI and PHRs.
Covered entities fall into three categories:
Entities can use the HHS online tool to determine whether they qualify as a HIPAA-covered entity or business associate (BA) and, consequently, whether they must comply with HIPAA.
Additional Cybersecurity Recommendations
The recommendations below will help you and your business stay secure against the various threats you may face on a day-to-day basis. All of the suggestions listed below are available through CyberHoot’s vCISO Program development services.
All of these recommendations are built into CyberHoot the product or CyberHoot’s vCISO Services. With CyberHoot you can govern, train, assess, and test your employees. Visit CyberHoot.com and sign up for our services today. At the very least, continue to learn by enrolling in our monthly Cybersecurity newsletters to stay on top of current cybersecurity updates.
Additional Reading:
What to Do with Critical Medical Device Vulnerabilities
Managing a Cybersecurity Incident
Related Terms:
Cybersecurity Maturity Model Certification (CMMC)