By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: A Summary of the HIPAA Privacy Rule
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Medical Records > A Summary of the HIPAA Privacy Rule
Medical Records

A Summary of the HIPAA Privacy Rule

ConnectriaHosting
ConnectriaHosting
Share
3 Min Read
HIPAA Privacy Rule Overview
SHARE

HIPAA Privacy Rule OverviewThe Health Insurance Portability and Accountability Act (HIPAA)’s Privacy Rule focuses on the rights of an individual to control the use of his or her protected health information (PHI).

HIPAA Privacy Rule OverviewThe Health Insurance Portability and Accountability Act (HIPAA)’s Privacy Rule focuses on the rights of an individual to control the use of his or her protected health information (PHI). According to Section 1171 of Part C of Subtitle F of Public Law 104-191 (August 21, 1996): Health Insurance Portability and Accountability Act of 1996: Administrative Simplification, PHI “is (A) created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and (B) relates to the past, present, or future physical or mental health or condition of an individual, the provision of health care to an individual, or the past, present, or future payment for the provision of health care to an individual.”

Under the stipulations of the Privacy Rule, a wide range of organizations such as, but not limited to, insurance providers, clearinghouses, and health care facilities must take steps to safeguard PHI that is being entrusted to them. This includes PHI that is shared electronically, orally, and or copied onto paper. With regards to electronic protected health information, or ePHI, companies must safeguard a total of 18 different types of personally identifiable information.

Companies that store ePHI on their own internal infrastructure must protect their servers against any anticipated threats, hazards or unauthorized disclosures. However, many struggle to do to this, and choose to use a managed hosting provider that is HIPAA Compliant. These companies typically undergo annual audits that look from everything from server security, firewalls, data center access and etc. Those that use hosting providers to store, use and/or disclosure PHI must draw up Business Associate Agreements (BAAs) to protect their confidential patient health information and prevent HIPAA violations. Under HIPAA’s standards for penalties, companies that neglect their BAA requirements may receive significant fines for data breaches.

More Read

First Lawsuit Filed Against a Business Associate Under HIPAA / HITECH
8 Healthcare Provider Pain Points
Could Underperforming EHRs Be Responsible for the Meaningful Use Dropout Rate?
How Blockchain can Evolve Healthcare System?
Infographic: EHR vs. Traditional Paper Records

While the process of complying with the HIPAA Privacy Rule requirements may seem like a chore, companies must not take any chances. Whether they choose to use hosting providers or instruct their in-house IT teams to secure their internal servers, they must ensure the confidentiality of PHI. If they fail to do so, the damage done may be irreversible.

Sources:

HIPAA Compliance Checklist

http://www.privacy.wv.gov/tips/Pages/HIPAAPrivacyHIPAASecurity.aspx

http://www.atlantic.net/blog/2013/11/27/hipaa-compliant-hosting-requirements-easy-solution-oriented-checklist/

http://www.apapracticecentral.org/business/hipaa/faq.aspx

http://www.tricare.mil/tma/privacy/hipaa-baa.aspx

http://www.onlinetech.com/resources/e-tips/hipaa-compliance/five-questions-to-ask-your-hipaa-hosting-provider

https://www.google.co.uk/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CDkQFjAA&url=https%3A%2F%2Fwww.arbornetworks.com%2Fdocman-component%2Fdoc_download%2F41-ensuring-hipaa-compliance-on-internal-networks&ei=WsolU4_wKILChAeMpYGoCA&usg=AFQjCNG4xkyuz4vf30KhSp7FSJLofhB1pw&bvm=bv.62922401,d.ZG4

http://searchhealthit.techtarget.com/definition/electronic-protected-health-information-ePHI

What exactly is ePHI? Who has to worry about it? Where can it be safely located?

Click to access udmn.pdf

http://privacyruleandresearch.nih.gov/pr_07.asp

http://aspe.hhs.gov/admnsimp/pl104191.htm#1171

TAGGED:HIPAAPrivacy
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

dental care
Importance of Good Dental Care for Health and Confidence
Dental health Specialties
October 2, 2025
AI in Healthcare
AI in Healthcare: Technology is Transforming the Global Landscape
Global Healthcare Policy & Law Technology
October 1, 2025
Choosing the Right Swimwear for Health and Safety
News
September 30, 2025
sports concussions
Concussion In Sports: How Common They Are And What You Need To Know
Infographics
September 28, 2025

You Might also Like

Strategic Planning
BusinesseHealthHealth ReformMedical RecordsTechnology

Top 5 Strategic Planning Challenges for CIOs

September 9, 2014
Clinical trial data
BusinesseHealthFinanceMedical Records

Clinical Trials Software Firm Gets Funding to Help with Health Data Digitization

November 4, 2013

What Patients Want… Online Access to Data!

October 1, 2012

Clinical Trials for Health Information Technology

August 2, 2014
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?