By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: A Summary of the HIPAA Privacy Rule
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Medical Records > A Summary of the HIPAA Privacy Rule
Medical Records

A Summary of the HIPAA Privacy Rule

ConnectriaHosting
ConnectriaHosting
Share
3 Min Read
HIPAA Privacy Rule Overview
SHARE

HIPAA Privacy Rule OverviewThe Health Insurance Portability and Accountability Act (HIPAA)’s Privacy Rule focuses on the rights of an individual to control the use of his or her protected health information (PHI).

HIPAA Privacy Rule OverviewThe Health Insurance Portability and Accountability Act (HIPAA)’s Privacy Rule focuses on the rights of an individual to control the use of his or her protected health information (PHI). According to Section 1171 of Part C of Subtitle F of Public Law 104-191 (August 21, 1996): Health Insurance Portability and Accountability Act of 1996: Administrative Simplification, PHI “is (A) created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and (B) relates to the past, present, or future physical or mental health or condition of an individual, the provision of health care to an individual, or the past, present, or future payment for the provision of health care to an individual.”

Under the stipulations of the Privacy Rule, a wide range of organizations such as, but not limited to, insurance providers, clearinghouses, and health care facilities must take steps to safeguard PHI that is being entrusted to them. This includes PHI that is shared electronically, orally, and or copied onto paper. With regards to electronic protected health information, or ePHI, companies must safeguard a total of 18 different types of personally identifiable information.

Companies that store ePHI on their own internal infrastructure must protect their servers against any anticipated threats, hazards or unauthorized disclosures. However, many struggle to do to this, and choose to use a managed hosting provider that is HIPAA Compliant. These companies typically undergo annual audits that look from everything from server security, firewalls, data center access and etc. Those that use hosting providers to store, use and/or disclosure PHI must draw up Business Associate Agreements (BAAs) to protect their confidential patient health information and prevent HIPAA violations. Under HIPAA’s standards for penalties, companies that neglect their BAA requirements may receive significant fines for data breaches.

More Read

icd-10 and HIPAA
Improve Document Security in the Face of ICD-10: A HIPAA Checklist
SkinPut – A Touchscreen on Your Skin
Paper Records More Susceptible to Breach than Any Other Medium
CAP Template Providing Too Much Information?
EMR Designers: Borrow From the Titans of Technology

While the process of complying with the HIPAA Privacy Rule requirements may seem like a chore, companies must not take any chances. Whether they choose to use hosting providers or instruct their in-house IT teams to secure their internal servers, they must ensure the confidentiality of PHI. If they fail to do so, the damage done may be irreversible.

Sources:

HIPAA Compliance Checklist

http://www.privacy.wv.gov/tips/Pages/HIPAAPrivacyHIPAASecurity.aspx

http://www.atlantic.net/blog/2013/11/27/hipaa-compliant-hosting-requirements-easy-solution-oriented-checklist/

http://www.apapracticecentral.org/business/hipaa/faq.aspx

http://www.tricare.mil/tma/privacy/hipaa-baa.aspx

http://www.onlinetech.com/resources/e-tips/hipaa-compliance/five-questions-to-ask-your-hipaa-hosting-provider

https://www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CDkQFjAA&url=https%3A%2F%2Fwww.arbornetworks.com%2Fdocman-component%2Fdoc_download%2F41-ensuring-hipaa-compliance-on-internal-networks&ei=WsolU4_wKILChAeMpYGoCA&usg=AFQjCNG4xkyuz4vf30KhSp7FSJLofhB1pw&bvm=bv.62922401,d.ZG4

http://searchhealthit.techtarget.com/definition/electronic-protected-health-information-ePHI

What exactly is ePHI? Who has to worry about it? Where can it be safely located?

Click to access udmn.pdf

http://privacyruleandresearch.nih.gov/pr_07.asp

http://aspe.hhs.gov/admnsimp/pl104191.htm#1171

TAGGED:HIPAAPrivacy
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

Nurse Scheduling Software
Evaluating 7 Best Nurse Scheduling Software
Nursing Technology
October 28, 2025
contamination
Batch Failures And The Hidden Costs Of Contamination
Health Infographics
October 21, 2025
Medication Management For Seniors
Simplifying Medication Management For Seniors
Infographics Senior Care
October 21, 2025
Guide To Pursuing a Career in Nursing as a Foreigner in the USA
Collaboration Is the Prescription for Better Patient Care
Health
October 20, 2025

You Might also Like

Medical RecordsPolicy & LawTechnology

Cybersecurity in Healthcare: What’s Working?

August 2, 2017

A Framework for Embracing Cloud in Health and Healthcare

January 29, 2015
images
Medical Records

Infographic:Making Sense of Meaningful Use

March 29, 2012
eHealthMedical Records

Why Cybersecurity Should Be Healthcare’s Number One Priority

April 3, 2018
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?