DeviceLock for HIPAA Compliance

Save this article
Print this page
Send to
- Tweet
- Facebook
- LinkedIn

PDF
Regulation
01 May 2008

Download

In keeping with the Health Insurance Portability and Accountability Act, Public Law 104-191 (HIPAA), which was adopted in 1996, all American organizations which use the personal medical data of citizens are required to guarantee the confidentiality of that information. HIPAA requirements are mandatory for medical institutions, medical insurance companies, government agencies and other organizations which have access to private medical records.

The privacy and security requirements set out in HIPAA have also been included in two additional statutory acts. First, there is the HIPAA Privacy Rule (Standards for Privacy of Individually Identifiable Health Information). This document requires that the confidentiality of absolutely all medical data be maintained, whether the data is in paper or electronic format or even if the information was pronounced out loud by a doctor. In general, the HIPAA Privacy Rule focuses on general issues of ensuring the protection of medical data, such as cases in which data is disclosed to third parties or organizations.

Second, there is the HIPAA Security Rule (Health Insurance Reform: Security Standards). This document contains more detailed requirements for the protection of electronic medical records and describes the necessary policies and procedures. Violation of HIPAA provisions is punishable with both civil and criminal liability. The US Department of Health and Human Services may fine violators USD 100 for one incident of noncompliance with HIPAA requirements. However, if a person knowingly receives or discloses someone else’s medical data in violation of HIPAA requirements, they can be fined up to USD 50,000 and may be sentenced up to one year in jail. For those who intentionally violate and trade private individual health data and obstruct an investigation, punishment may be increased to USD 250,000 and up to 10 years in jail.

This white paper reviews the requirements of the HIPAA Security Rule, which has an impact on a company's information infrastructure and the security means used therein. Also, it addresses the features of DeviceLock, a product by DeviceLock, Inc., which can help organizations achieve compliance with HIPAA much more effectively.

DeviceLock for HIPAA Compliance

More on Regulation

Crypto: Too important to ignore

Integrating Pillars 1, 2 and 3: A better way to Basel IV

Regulatory reporting: Firms seek flexibility, automation and the cloud

Podcast: Leveraging real-time data feeds for faster business decisions

APAC Buy-Side Firms Embrace Alt Data and the Cloud

The Emir Refit Playbook

DeviceLock for HIPAA Compliance

Securing Data to meet SOX Compliance

Achieving Compliance with the Combined Code on Corporate Governance (UK)

Preventing Identity Theft and Achieving Compliance with GLBA & FACTA

Assessing Operational Risks for Basel II Compliance

The power of three: How technology, service and expertise can transform investment operations

Driving strategic transformation of investment operations

Real-time and historical market data: Priorities, preferences and the cloud

Investment management ‘one analytics view’ for credit bonds and ESG risk factors

Finding the investment management ‘one analytics view’

In search of clean data: Firms navigate data challenges as LLM adoption flourishes

Driving strategic transformation of investment operations

Real-time and historical market data: Priorities, preferences and the cloud

The power of three: How technology, service and expertise can transform investment operations

Demand for managed services grows as firms focus on the bottom line

In search of clean data: Firms navigate data challenges as LLM adoption flourishes

Finding the investment management ‘one analytics view’

Browse categories

Sign in or register to instantly access

Don't have an account?