HIPAA and Privacy

This is a summary of the HIPAA and privacy regulations, for a more complete discussion please see the HIPAA and privacy white paper

What is HIPAA?

The HIPAA of 1996 was introduced to improve the efficiency and effectiveness of the healthcare system in the US, including national standards for electronic healthcare transactions and code sets, unique health identifiers, and security. At the same time, it mandates privacy protections for individually identifiable healt information. The HIPAA Rules apply to Covered Entities and Business Associates

What is HITECH?

HITECH came into effect in February 2009 and promotes the adoption and meaningful use of health information technology. It also addresses the privacy and security concerns associated with the electronic transmission of health information.

Security Rules

Privacy Rule

The Privacy Rule addresses the use and disclosure of individuals’ PHI by Covered Entities or Business Associates. It ensures that individuals’ health information is properly protected, while permitting the disclosure of health information needed for high quality healthcare and to protect the public’s well-being. Further standards within the Rule provide for individuals’ rights to understand and control how their health information is used.

Security Rule

The Security Rule encompasses federal safeguards for protecting PHI in electronic form (e-PHI), and must be applied by Covered Entities and their Business Associates to ensure the confidentiality and integrity of e-PHI. The Rule allows the adoption of technologies to improve the quality and efficiency of patient care, such as those used in PMA, EHR, pharmacy and laboratory systems.

What is considered PHI?

In essence, PHI is information that relates to the individual’s health condition, or the provision of healthcare to the individual, that identifies, or can be used to identify, the individual.

Ensuring Compliance

When writing applications you need to consider the content of your data and how it's handled, the Considerations for Application page provides some guidance for how to make your applications on Aculab Cloud compliant with the regulations.