HIPAA COMPLIANCY AND SECURITY
PRIVACY AND ADMINISRATION RULE – Coaching, Process guidance, Policies, Procedures, Health information protection (PHI), Incident Management, Remediation plans, Reporting, Business Associate Management (Omnibus Rule), and dealing with OCR.
SECURITY RULE – Testing, reporting, remediation, and for achieving HIPAA compliancy. This consists of Vulnerability scanning, Pen testing, encryptions, segmentation, and security provisioning.
HHS dictates:
- Ensure the confidentiality, integrity, and availability of all e-PHI that is created, received, maintained or transmitted
- Identify and protect against reasonably anticipated threats to the security or integrity of sensitive information
- Protect against reasonably anticipated, impermissible uses or disclosures; and ensure compliance by the workforce
Healthcare Information Privacy:
https://www.hhs.gov/hipaa/index.html