Meaningful Use Core Measure: Protect Electronic Health Information


Objective: Protect e-PHI created or maintained by EHR technology.

Risk analysis is the first step in an organization's Security Rule compliance effort. It is also an ongoing process that should provide the organization with a detailed understanding of the risks to the integrity, security and confidentiality of e-PHI.

By utilizing GTB Technologies' FREE Security Risk Assessment Tool, organizations will be able to start the required risk analysis at a substantial cost savings.

 

What are HIPAA and the HITECH Act?

On August 21, 1996, HIPAA was created as an amendment to the Internal Revenue Service Code of 1986. HIPAA stands for Health Insurance Portability & Accountability Act, and is also known as the Kennedy-Kassebaum Act. The purpose of HIPAA is to standardize electronic patient health administrative and financial data, ensure unique health identifiers for individuals, employers, health plans and health care providers, and to guarantee security standards that protect the confidentiality and integrity of individually identifiable health information, past, present or future.


HIPAA mandates vast changes in the manner in which healthcare organizations protect customers' Protected Health Information (PHI). HIPAA requires healthcare organizations to protect the confidentiality and security of health data by setting and enforcing standards, and to improve efficiency in healthcare delivery by standardizing electronic data interchange.

The HITECH Act, devised by Congress primarily to address electronic medical records, is being noted for its impact in adding a tough data-breach notification requirement to the long list of existing Health Insurance Portability and Accountability Act (HIPAA) requirements.

Like HIPAA, the HITECH Act covers healthcare providers, insurers, clearinghouses and also business associates handling personal information about patient health, as well as other protected information, including name, Social Security number, address and insurance account numbers.

Contact us for GTB's  "Meaningful Use Core Measure:  Protect Electronic Health Information"


Basic rules on HIPAA compliance:

 
  • Organizational awareness of HIPAA must be developed
  • Comprehensive assessments of the organization's privacy practices, information security systems and procedures, and use of electronic transactions must be done
  • A HIPAA compliance action plan for each rule must be developed, including:
      I. Developing new policies, processes, and procedures to ensure privacy, security and patients' rights
      II. Building business associate agreements with business partners to support HIPAA objectives
      III. Implementing a secure technical and physical information infrastructure
      IV. Updating information systems to safeguard protected health information (PHI) and enable use of standard claims and related transactions
      V. Training of all workforce members
      VI. Developing and maintaining an internal privacy and security management and enforcement infrastructure, including providing a Privacy Officer and a Security Officer

GTB Technologies' HIPAA & HITECH Act compliance solution:

 
  • GTB's rule manager contains a pre-defined HIPAA compliance rule, which defines HIPAA secure data as anything containing Protected Health Information (PHI)
  • Protected Health Information (PHI) stored within the network and on endpoint devices is discovered, exposed and protected
  • All outbound traffic across all network protocols is monitored for secure Protected Health Information (PHI), with a nearly 100% detection ratio and zero false positives
  • HIPAA data is prevented from being saved on removable media devices, such as USB, CD/DVD or iPods
  • GTB provides detailed HIPAA reporting and role-based options that support auditing requirements

Should Your Organization be concerned about HIPAA Compliance?

Virtually all healthcare organizations are subject to HIPAA compliance requirements, including all healthcare providers, health plans, public health authorities, healthcare clearinghouses, and self-insured employers - as well as life insurers, information systems vendors, various service organizations, and universities. Those not compliant with HIPAA face fines up to $250K and/or imprisonment up to 10 years for knowing misuse of individually identifiable health information and fines up to $25K for multiple violations of the same standard in a calendar year.

 


 

GTB Technologies, Inc.
5000 Birch St. Suite 3000
Newport Beach, CA 92660
Toll Free Number: (800) 507-9926
Telephone : (949) 783-3359
info@gttb.com



 
Copyright GTB Technologies 2005-2011. All rights reserved.