HIPAA Overview
The Department of Health and Human Services (HHS) has released a series of rules for covered health care entities. These rules form the foundation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA)
The HIPAA Security Standards were created to protect electronic health care information with the growing use of technology in the medical field.
The core of HIPAA Security Standard for Electronic Protect Health Information (EPHI) is a group of safeguards and accompanying requirements. These principles and requirements are shown below.
HIPAA Security Standard |
Administrative Safeguards |
- Security Management Process
- Assigned Security Responsibility
- Workforce Security
- Information Access Management
- Security Awareness and Training
- Security Incident Procedures
- Contingency Plan
- Evaluation
- Business Associate Contracts and Other Arrangements
|
Physical Safeguards |
- Facility Access Controls
- Workstation Use
- Workstation Security
- Device and Media Controls
|
Technical Safeguards |
- Access Control
- Audit Controls
- Integrity
- Person or Entity Authentication
- Transmission Security
|
How it affects you
HIPAA applies general safeguards to all covered entities included within the scope of the list below.
Covered Entity |
Primary Requirements |
Covered Health Care Providers |
Any medical or health care provider that transmits electronic health care information relating to transactions that HHS has adopted standards for. |
Health Plans |
Any plan (individual or group) that pays or provides health care costs. |
Healthcare Clearing Houses |
Any entity that processes another entities health care transactions from standard to non-standard formats or visa-versa. |
Medicare Prescription Drug Card Sponsors |
Temporary effect until end of drug card program in 2006. |
How we can help
Secure Vantage builds products that can help you meet the requirements of HIPAA Security Standard. We help support the following safeguard requirements:
HIPAA Security Standard |
Administrative Safeguards |
Administrative safeguards can be improved by the wealth of canned reporting, security alerting and knowledge guidance available to assist organizations implement audit controls and repeatable assessment processes. |
Physical Safeguards |
Device and media can be monitored for access, availability and integrity with standard audit control templates. |
Technical Safeguards |
Technical controls are implemented via System Center Operations Manager and Configuration Manager providing canned auditing for technical safeguards relating to Windows Operating Systems and Applications. |
Case Study September 2007 - Sunnybrook Health Sciences Centre Enhances IT Management with Microsoft System Center Operations Manager 2007
Learn More.....
|
News & Events
Press Release 07/08/08: Secure Vantage Technologies and Infront Consulting join forces to offer free training and education series for the Audit Collection Service
Press Release 05/21/2008: Secure Vantage Technologies partners to create a Security Management Partner Solutions bundle for System Center customers
Read more
|
|
|