Safeguard your confidential data by implementing HIPAA Privacy Rule's De-

Identification Standard

A legislative act passed in year 1996, called HIPAA or in other words the Health Insurance

Portability & Accountability Act affected the health care administration. For years, we have

researched upon the safety rule along with three types of security safeguards based mainly on

technical and physical grounds.

Amongst the above mentioned three safety points, we delved at the administrative safeguards

and its obligatory as well as addressable implementation specifications. In this article, we will

examine the main key factors pertaining to the technical and physical safeguards of the

security rule. The motive of this article is to simplify and state the main concepts of HIPAA

Privacy Rule's De-Identification Standard.

Physical Safeguards

Physical safeguard rule laid by the HIPAA Privacy Rule's De-Identification Standard deals with

the strategies and procedures required to be implemented in order to control physical

admission to systems or devices containing health information and facilities covering

electronic records.

It is therefore mandatory to take maximum care when beginning and removing hardware and

software that deals with secured Health Information (PHI) from the network. Utmost care

must be taken in disposing off any equipment which is on the edge of retirement, so that PHI

contained within such systems is not compromised.

Health data stored in the equipment must be controlled and monitored carefully.

Access to the hardware and software must be operated by proper trained and

authenticated individuals.

Make sure that workstations must be situated away from high traffic areas to avoid

direct view of the monitor screens to the public.

The main person taking the services of contractors and agents must assure that the

contractors and agents are professionally trained and are aware of their duties and

responsibilities.

Technical Safeguards

Technical security measures deals with factors that require to be executed when transmitting

health information electronically over open networks in order to ensure that health

information do not go into wrong hands.

Responsible entity must follow a strict procedure to make sure information integrity

which includes digital signature, check sum, message confirmation.

Execute right methods to confirm that the entity entitle to access the electronic

records is the one it claims to be. There are some signs to confirm the same that

includes card systems, password systems, giving a return call, and hand showing signs

Drafting and maintaining all policies implemented and practices followed for HIPAA

Privacy Rule's De-Identification Standard that needs to be presented as and when

required by the compliance auditors.

Implementation Specifications

We cannot ignore with the healthcare compliance, as it becomes essential to safeguard

Protected Health Information.

It is required to employ a system that will take utmost care of the health information, for this

our heath care providers like doctors, hospitals and health plans must be given a unique

identifier. At present most of them are using either tax-id numbers or employer identification

number.

The security and privacy rules have laid down certain provisions to assure that the personal

records of people is not misused, secured and kept confidential, any person failing to follow

the rule will be fined up to $250,000 and possible jail time for severe enough violations by

HIPAA. HIPAA rule was indeed designed and created to ease the massive process of health

care administration.

About emPower

emPower is a leading provider of comprehensive Healthcare Compliance Solutions through

Learning Management System (LMS). Its mission is to provide innovative security solutions to

enable compliance with applicable laws and regulations and maximize business performance.

empower provides range of courses to manage compliance required by regulatory bodies such

as O.SHA, HIPAA, Joint commission and Red Flag Rule etc. Apart from this emPower also offers

custom demos and tutorials for your website, business process management and software

implementation.

Its Learning Management system (LMS) allows students to retrieve all the courses 24/7/365 by

accessing the portal. emPower e-learning training program is an interactive mode of learning

that guides students to progress at their own pace.

For additional information, please visit http://www.empowerbpo.com.

Media Contact (emPower)

Jason Gaya

marketing@empowerbpo.com

emPower

12806 Townepark Way

Louisville, KY 40243-2311

Ph: 502 -400-9374

http://www.empowerbpo.com

http://hardik.practutor.com