• E-mail
• Print
• RSS

How to increase security to comply with HIPAA

Staff Development Weekly: Insight on Evidence-Based Practice in Education, August 9, 2007

Want to receive articles like this one in your inbox? Subscribe to Staff Development Weekly: Insight on Evidence-Based Practice in Education!

Some facilities are still struggling to comply with HIPAA, particularly the security rule. Many felt that once they satisfied the privacy rule's requirements, their work was done. Writing policies and procedures to comply with the privacy rule is the easy part. Complying with the security rule requires you to address not only security risks, such as hackers, but also commonsense business practices, such as a data backup and disaster recovery plans.

Look at the following when considering security:

• Disaster recovery: Are you in hurricane country or an urban area with a significant theft risk? You need a plan to protect your patients' data in an emergency and to get systems up and running as soon as possible.
• Data backup: Are you backing up tapes but storing them next to your server so that they're just as vulnerable in a fire or theft as your equipment? You need to back up data off-site and make sure that your employees are following through and doing all of the necessary backups.
• Remote security: If your physicians take laptops or handheld devices out of the office (which is very likely), ensure that the data are password-protected and encrypted in case of loss or theft.
• Data disposal: You need to make sure that you completely destroy any patient data stored on discarded computers to prevent unauthorized access.

To get more information, go to Briefings on HIPAA (BOH). For the cost of just three stories, you can get the entire August issue of BOH. Click here to choose between the PDF and HTML versions for just $30. Subscribers to the online version of BOH have free access to this article. Subscribers to the print newsletter can find this article in their August issue.

Want to receive articles like this one in your inbox? Subscribe to Staff Development Weekly: Insight on Evidence-Based Practice in Education!

• E-mail to a Colleague
• Print
• RSS
• Archive