HIPAA: Overview
By: Prabhakar Rao Kandula,
New England College
What is HIPAA?
The Health Insurance Portability and Accountability Act, also known as HIPAA, was established on August 21, 1996.
WHY WAS HIPAA INTRODUCED?
To maintain patients' privacy
To protect patients' information
To give patients the right to control their data
To ensure the security of patients' information regardless of its state
TRANSFORMATION OF HIPAA
1996: HIPAA signed into law by President Bill Clinton
2003: HIPAA Privacy Rule
2005: HIPAA Security Rule
2006: HIPAA Breach Enforcement Rule
2009: HITECH and the Breach Notification Rule
2013: Final Omnibus Rule
PRIVACY RULE:
Defined Protected Health Information (PHI)
18 identifiers of PHI
Patients' right to withhold their information
Track the disclosure of information
SECURITY RULE:
Regulations for Safeguarding ePHI
Safeguards to be in place to maintain the security of ePHI
Administrative
Physical
Technical
ENFORCEMENT RULE:
Allows the Department of Health and Human Services to investigate covered entities reported for failing to comply with HIPAA regulations.
HITECH RULE:
Healthcare groups to maintain patients' Protected Health Information in electronic format instead of paper files.
Introduction of the Breach Notification Rule
OMNIBUS RULE:
Addressing the gaps between HIPAA and HITECH
Changes in Privacy and Security Rules
New penalties
Amendments
SECURING HEALTHCARE DATA IN THE CLOUD
Encryption at rest, in transit, and in use
Rotate keys
Monitoring
Auditing
Assessments
Firewalls
DLP
IDS/IPS
Conclusion:
Securing healthcare data is important for meeting HIPAA compliance.
Being non-compliant would put organizations at risk and lead to heavy penalties.
Thank you