The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. law comprised of standards designed to protect patient health information, or protected health information (PHI), which refer to patient health information, records and data. The law provides patient access to and control of PHI and governs how businesses and other parties control PHI to prevent unauthorized access and accommodate patient privacy.
HIPAA became effective in April 2003.
HIPAA applies to medical technology that holds or uses patient health information, or digital versions of this data. Digital medical record systems, as well as lab or doctor’s office software, must be HIPAA compliant, as must any other type of software that holds patient health information and data.
Beyond its application to software and other technology, HIPAA also applies to facilities that maintain patient health data. Medical offices and other facilities with sensitive information must practice HIPAA compliant data handling strategies, from protecting digital or print records to preventing unauthorized eavesdropping. These and other similar issues make HIPAA a prime concern for personnel in the medical field, as well as certain areas of IT.
0 Comments