HIPAA, the Health Insurance Portability and Accountability Act, was enacted in 1996 to improve healthcare coverage across the US. It was designed to:
- Ensure employees retained health insurance as they moved between jobs
- Made healthcare organizations more accountable for health data, to ensure it remains private and confidential
- Help prevent fraud and abuse in healthcare delivery
- Simplify the administration of healthcare
Of course, HIPAA wasn’t a cure-all. It generalized at best.
So more updates have been added to further ensure patient data is secure, and provide guidelines as to how to move forward in case of a breach.
Under the Security Rule, covered entities and business associates must develop a variety of safeguards to maintain confidentiality, availability, and integrity of personal health information, PHI. HIPAA establishes the rules, then turns it over and allows health organizations to find ways of compliance by themselves.
HITECH, the Health Information Technology for Economic and Clinical Health Act, further increased incentives related to healthcare information technology, including the use of electronic health record systems across the board.
But even as new regulations become law, regs like HIPAA and HITECH only create the broad picture. It’s up to you to fill in the details and ensure you comply. It’s up to you to evaluate from a risk-based perspective, and address individual threats as they become problematic.
You can also think of it this way. As a business, you purchase a business insurance policy to keep your core business practices covered in the event of a problem. But that doesn’t stop you from diving in deeper, taking further precautions to keep your assets safe. You might invest in a burglar alarm. You might install stronger locks on the doors. You might add two-factor authentication to your digital devices.
The insurance policy is your blanket protection. But each additional security measure you install further enhances your business practices and keeps you safe.
As a healthcare service provider, your job is to ensure compliance at all costs. Focusing on security is just part of your daily routine. With each new implementation you bring to your business, it’s equally important to ensure it’s safe to use. Is it safe for patients? Are you protected from outside threats?
That’s also where partnerships come into play. Thanks to cloud and third-party services, it’s easier than ever to bring in the expertise you need, one partner at a time.
Of course, that also means it’s important to ensure your consistently working on strategy. If 2020 has taught us anything, it’s that goals and direction can change on a dime. The more aware you are of your overall strategy, the quicker you can jump at new ideas that will help you implement a little faster, and be a little stronger overall.
How is your business strategy working for 2020?
For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.