1 / 6

Information Security in Real Business

Information Security in Real Business. HIPAA Compliance Fantastic Four Casey Ford Maninder Singh Ranger Olsom. Health Insurance Portability and Accountability Act. HIPAA was enacted by the U.S. Congress in 1996. Title I

xena
Download Presentation

Information Security in Real Business

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information Security in Real Business HIPAA Compliance Fantastic Four Casey Ford Maninder Singh Ranger Olsom

  2. Health Insurance Portability and Accountability Act • HIPAA was enacted by the U.S. Congress in 1996. • Title I • Protects health insurance coverage for workers and their families when they change or lose their jobs. • Title II • Known as the Administrative Simplification (AS) provisions • Requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. • This is intended to help people keep their information private, though in practice it is normal for providers and health insurance plans to require the waiver of HIPAA rights as a condition of service.

  3. HIPAA Title II: 5 Rules • Per the requirements of Title II, the HHS has promulgated five rules regarding Administrative Simplification • Privacy Rule • Transactions and Code Sets Rule • Security Rule • Unique Identifiers Rule • Enforcement Rule.

  4. Privacy Rule • It establishes regulations for the use and disclosure of Protected Health Information (PHI). • PHI is any information held by a covered entity which concerns health status, provision of health care, or payment for health care that can be linked to an individual.

  5. Security Rule • The Security Rule complements the Privacy Rule. • The Security Rule deals specifically with Electronic Protected Health Information (EPHI). • It lays out three types of security safeguards required for compliance: • Administrative • Physical • Technical • For each of these types, the Rule identifies various security standards, and for each standard, it names both required and addressable implementation specifications.

  6. Security Problem • The insurance coverage information that a company manages requires a high degree of privacy and security. • In order to implement the appropriate levels of security to be in compliance with HIPPA, a company needs to fulfill many different requirements. • We will survey a an existing implementation’s effectiveness in meeting HIPPA requirements and determine what changes need to be made in order to make the company compliant.

More Related