HIPAA Compliance with SVT
What is HIPAA and who does it apply to?
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 (P.L.104-191) [HIPAA] was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. There are multiple areas of concern within the HIPAA Act but certainly includes sensitive data processed and stored on IT systems.
How does HIPAA affect your enterprise?
The HIPAA Privacy Rule regulates the use and disclosure of certain information held by “covered entities” (generally, health care clearinghouses, employer sponsored health plans, health insurers, and medical service providers that engage in certain transactions.) It establishes regulations for the use and disclosure of Protected Health Information (PHI). PHI is any information held by a covered entity which concerns health status, provision of health care, or payment for health care that can be linked to an individual. This is interpreted rather broadly and includes any part of an individual’s medical record or payment history.
A covered entity may disclose PHI to facilitate treatment, payment, or health care operations, or if the covered entity has obtained authorization from the individual. However, when a covered entity discloses any PHI, it must make a reasonable effort to disclose only the minimum necessary information required to achieve its purpose.
How SVT can help you!
Many of the requirements laid out in the HIPAA Act are process and policy-related requirements, in other words not managed by IT technical systems. Of the remaining, SVT monitors all that can be audited in a Windows environment. The National Institute of Standards and Technology (NIST) have created one of the most comprehensive and straight forward HIPAA-centric control documents – SP800-66. SVT supports this standard with nearly 100 report-to-control combinations.
SVT gives you a mechanism that supports sound, repeatable security management, and that’s a cornerstone security requirement regardless of which standard you must adhere to.
Please contact us today for more information on how SVT Audit Manager 2010 can help meet your regulation needs.