Cardiologist Turns Hacker
Do you collect, store, or access electronic protected health information at all? If so, the answer is a resounding YES…
An estimated 170,000 non-profit organizations are operating in the health-related sector throughout the US. Many of them aren’t aware that HIPAA compliance does, in fact, apply to them, as long as they’re collecting, storing or accessing electronic protected health information. HIPAA, which refers to the Health Insurance Portability and Accountability Act, was enacted in 1996 to protect the confidentiality and integrity of patient data. Although it’s easy to assume HIPAA affects healthcare providers alone, this isn’t the case.
HIPAA sets the standard for protecting patient data, also known as protected health information or PHI, against unauthorized or unlawful access. Essentially, health information can’t be provided to or seen by anyone without the individual’s consent. This includes anything related to medical records, conversations, or billing information regarding medical treatment. In addition, those with access to health information must alert patients when the information is shared or used.
If you’re storing, accessing or using health information relating to your clients, members, or beneficiaries, you must comply with HIPAA. This health information may be regarding:
This information, along with any “identifiers” that could create a correlation between an individual and their respective health information, is protected under HIPAA.
Anyone who falls into one of two broad categories: covered entities (healthcare providers, plans or clearinghouses) and business associates (any third parties who have access to protected health information). Essentially, many non-profit organizations fall under the “business associate” category as they perform activities on behalf of or provide services for a covered entity.
HIPAA contains many different categories that govern the protection of patient information, including the following:
It’s vital to take the right precautions to keep electronic protected health information safe from unauthorized access. This may include simple measures, such as:
Although the simple measures above may seem straightforward, they go a long way to help ensure you’re compliant with HIPAA. You should also talk with your technology partner about the following:
A violation isn’t always a massive cyber-attack. Sometimes, a violation is as simple as an employee leaving a laptop that contains electronic protected health information in a coffee shop. Let’s talk about HIPAA compliance for non-profit organizations. Call (516) 207-1889 or email us at firstname.lastname@example.org.