HIPAA: Security Compliance
As you know, compliance with the HIPAA Privacy Rule is now mandatory, and the compliance deadline for the new HIPAA Security Rule, which went into effect earlier this year to ensure the security of electronic protected health information (PHI), was April 2005.
Security awareness training is mandatory for your entire staff. Under the new Security Rule, you are required to establish administrative, physical and technical safeguards to guarantee the confidentiality, integrity and availability of all electronic PHI. HIPAA Security Awareness covers:
- The basics of security awareness
- Physical, administrative and technical safeguards of electronic PHI
- User education for identifying malicious software, monitoring log-in success and failure, and proper password management controls
- Incident reporting
- Mandates of the Health Information Technology for Economic and Clinical Health (HITECH) Act