Information Security Program Development
The Health Insurance Portability and Accountability Act, better known as "HIPAA", was enacted by the United States Congress in 1996. HIPAA's intent and purpose are to improve the efficiency and effectiveness of the United States' health care system by encouraging the widespread use of electronic data interchange.
From the United States Department of Health and Human Services:
"The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II) required the Department of Health and Human Services (HHS) to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. It also addressed the security and privacy of health data. As the industry adopts these standards for the efficiency and effectiveness of the nation's health care system will improve the use of electronic data interchange." - Source: Department of Health and Human Services
The Privacy Rule
The Privacy Rule is located at 45 CFR Part 160 and Subparts A and E of Part 164 (CFR - Code of Federal Regulations). The Privacy Rule establishes requirements for the use and disclosure of protected health information (PHI). Complaints are handled by the Department of Health and Human Services Office for Civil Rights (OCR).
The Security Rule
The Security Rule is located at 45 CFR Parts 160, 162 and 164. The Security Rule (or standards) complements the Privacy Rule (above). Whereas the Privacy Rule refers to protected health information (PHI), the Security Rule refers more specifically to "electronic protected health information", or EPHI.
The Security Rule concerns itself with "administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of electronic health information".
The Enforcement Rule
"The Secretary of Health and Human Services is adopting rules for the imposition of civil money penalties on entities that violate rules adopted by the Secretary to implement the Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191 (HIPAA)"
The information mentioned above is meant as reference only. Obviously, there is much more to HIPAA than what we can cover here.
An FRSecure information security assessment provides complete coverage of all HIPAA compliance issues. We have extensive experience with multiple health insurance, hospital, clinical, and pharmaceutical "covered entities", as noted in the regulation.
Copyright © 2009 FRSecure LLC All Rights Reserved.