Abstract
With the Omnibus Final Health Insurance Portability and Accountability Act (HIPAA) Rule of September 2013, privacy and security of patient health information has been further tightened. Looking back from 2002 when HIPAA was first released, monetary penalties have increased as has the scrutiny surrounding the protection of patient health information. With numerous updates and additions, such as the Health Information Technology for Economic and Clinical Health Act, (HITECH), to the original HIPAA Rule, managers have to be akin to the changes as any day can bring a HIPAA complaint or breach. In this uncertain environment, breach management is a critical part of working with HIPAA. HIPAA and HITECH are laws which are to be operationalized into an organization’s standard operating procedures.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Department of Health and Human Services. News release. http://www.hhs.gov/news/press/2014pres/05/20140507b.html. Accessed 7 May 2014.
Department of Health and Human Services. HIPAA security series. Volume 2, paper 1, March 2007. http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/security101.pdf.
Robert Tennant and Amy Nordeng. New privacy and security omnibus rule released. MGMA connexion, Apr 2013, page 18 of 18–21.
The Wall Street Journal. Home depot’s 56 million card breach bigger than target’s.http://www.wsj.com/articles/home-depot-breach-bigger-than-targets-1411073571. Accessed 18 Sept 2014.
Department of Health and Human Services. HIPAA final rule, 45CFR164.402. 25 Jan 2013.
Downing K. Navigating a compliant breach management process. J AHIMA. 2014;85(6):56–8.
US Department of Health and Human Services. Massachusetts provider settles HIPAA case for $1.5 million. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/meei-agreement.html. Accessed 20 Apr 2015.
US Department of Health and Human Services. Alaska DHSS settles HIPAA security case for $1,700,000. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/alaska-agreement.html. Accessed 20 Apr 2015.
US Department of Health and Human Services. Data breach results in $4.8 million HIPAA settlements. 2014, May 7. http://www.hhs.gov/news/press/2014pres/05/20140507b.html. Accessed 21 Apr 2015.
AHIMA. Mobile device security (updated). J AHIMA. 2012;83(4):50–5. http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_049463.hcsp?dDocName=bok1_049463. Accessed 20 Apr 2015.
Office for Civil Rights. The HIPAA privacy and security rules. Frequently asked questions about the disposal of protected health information. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/disposalfaqs.pdf
Department of Defense Media Sanitization Guidelines 5220.22 M. http://www.destructdata.com/dod-standard/
Department of Health and Human Services. Standards for privacy of individually identifiable Health Information. 45CFR164.508.
Office for Civil Rights. Understanding the HIPAA notice. http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/understanding-hipaa-notice.pdf
Sherman C, Shey H, with Balaouras S, Duong, J. Brief: stolen and lost devices are putting personal healthcare information at risk. Forrester Res. 2014:3.
Department of Health and Human Services. Managing mobile devices in your health care organization. http://www.healthit.gov/sites/default/files/fact-sheet-managing-mobile-devices-in-your-health-care-organization.pdf
HIPAA Privacy, Security, and breach notification audit program. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/
Department of Health and Human Services, Office of the Secretary. Standards for privacy of individually identifiable health information. 45 CFR 160.306(b)(3).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Kiel, J.M., Ciamacco, F.A., Steines, B.T. (2016). Privacy and Data Security: HIPAA and HITECH. In: Weaver, C., Ball, M., Kim, G., Kiel, J. (eds) Healthcare Information Management Systems. Health Informatics. Springer, Cham. https://doi.org/10.1007/978-3-319-20765-0_25
Download citation
DOI: https://doi.org/10.1007/978-3-319-20765-0_25
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-20764-3
Online ISBN: 978-3-319-20765-0
eBook Packages: MedicineMedicine (R0)