What is the HIPAA Security Rule? Three safeguards to have in place (Security News, August 2021)
This influx calls for us to re-examine the HIPAA Security Rule to ensure healthcare entities are protecting patient information.
Two notable rules were added to HIPAA: the Privacy Rule, to help cover the physical security of PHI, and the Security Rule, to safeguard electronic protected health information.
In short, the HIPAA Privacy Rule explains what data needs to be protected and who should abide by those rules, whereas the Security Rule was conceived as a national standard to protect patients and explains how to protect ePHI. The law requires healthcare providers, plans and other entities to uphold patient confidentiality, privacy and security, and calls for three types of safeguards: administrative, physical, and technical.
Covered entities are required to implement administrative safeguards: policies and procedures that describe how the organization intends to protect ePHI and ensure compliance with the Security Rule.
Workplace training and security awareness: Require employees to complete annual HIPAA training and educate themselves on their organization's specific security procedures.
The three components of the HIPAA Security Rule may seem difficult to implement and enforce, but with the right partners and procedures, doing so is feasible.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/yDyr2J9Qacw/