Understanding HIPAA Compliance
www.cognoscape.com
2 | Understanding HIPAA Compliance | cognoscape.com
Understanding HIPAA Compliance
Upholding the privacy and security of protected health information (PHI) and
personal health records (PHR) continues to be a challenging issue for healthcare
providers in the US. HIPAA, which stands for the Health Insurance Portability &
Accountability Act of 1996, is a Federal law that created national standards to
protect patients’ medical records and data. As a healthcare provider, it’s your duty
to ensure your organization stays up to code on all the latest HIPAA rules and
regulations. Not doing so can lead to heavy penalties, the loss of patient trust, and
an increased risk of data breaches.
Cognoscape can help you reach and maintain HIPAA compliance with ease. By
assessing your vulnerabilities and implementing top-notch
security measures, you no longer have to worry
about the threat of non-compliance. Gain peace of
mind and uphold the reputation of your practice with
our partnership.
Consequences of Non-Compliance
There are many drawbacks of non-compliance.
HIPAA violations are costly and, while the penalties of
non-compliance depend on your level of negligence,
they can range anywhere from $100 to $50,000
per violation – with a $1.5 million maximum penalty
for violating an identical provision within the same
calendar year. The risks of non-compliance are wide and varied. From employee errors and
unencrypted PHI to data stored on devices and unreliable Business Associates – there’s no
telling what can happen to your sensitive patient data. In order to steer clear of potential
data breaches and non-compliance fees, it’s important to understand the components of
HIPAA compliance and determine where your organization stands.
4 Major Rules of HIPAA Compliance
Both Covered Entities and Business Associates must protect the privacy and security
of patient information. Covered entities are defined in the HIPAA rules as: health plans,
healthcare clearinghouses (such as a billing service or health information system), and
healthcare providers who electronically transmit any health information in connection
with transactions. A “Business Associate” is a person or entity that assists Covered Entities.
These entities perform specific functions and carry out activities that involve the use or
disclosure of PHI. It’s important to note that a member of the Covered Entity’s team is not
considered a Business Associate.
Now that you know the key differences between the
two and realize the importance of HIPAA compliance,
what’s next? There are 4 major HIPAA rules that you
will need to examine:
HIPAA Privacy Rule
Issued by the US Department of Health and Human
Services (HHS), the HIPAA Privacy Rule provides the first
set of national standards to protect patients’ PHI. The rule
sets limits on how health care providers handle, discuss,
and disclose PHI without a patient’s consent. Additionally,
the rule facilitates the flow of health information
necessary to provide high quality healthcare while
protecting the privacy of individuals who need healing.
HIPAA Security Rule
The HIPAA Security Rule provides standards for patient data
stored or transmitted digitally. With the rise of electronic
health records (EHRs) and electronic medical records
(EMRs), there has never been a more vital time to ensure
that patient data and your IT systems are HIPAA compliant.
HIPAA Enforcement Rule
The HIPAA Enforcement Rule contains provisions
that deal with how HHS providers calculate fines for
healthcare providers who have violated any HIPAA rules
following an investigation and administrative hearing.
HIPAA Breach Notification Rule
The HIPAA Breach Notification Rule requires Covered
Entities as well as their Business Associates to report and
provide notification following a breach of PHI. The Federal
Trade Commission has implemented similar provisions that
apply to vendors of PHR and their third-party service providers.
Maintain HIPAA Compliance with Cognoscape
Our security professionals here at Cognoscape are dedicated to providing your healthcare
organization with industry-leading security solutions – so you can achieve and maintain
compliance now and in the long run. Get in touch with us to learn how you can continue to
grow your practice while staying HIPAA compliant at all times.
Cognoscape LLC
16479 Dallas Parkway, #230
Addison, TX 75001
(214) 377-4884
cognoscape.com