HIPAA: Requirements for intranet cooperation pc software 650891548468

De BISAWiki

Edição feita às 00h09min de 9 de maio de 2013 por GenenrjalpxhrlFuhrman (disc | contribs)
(dif) ← Versão anterior | ver versão atual (dif) | Versão posterior → (dif)


Sharing personal health information online could be a risky business. Regrettably, as people become used to doing many if not absolutely all of their private business online, the need for link accessing this information online will increase to the point that health care providers will haven't any choice but to both give use of this personal health information or lose their customers.

The Insurance Portability and Accountability Act (HIPAA) was enacted to make sure the privacy of patient information. This requires that healthcare services hire stringent measures to make sure that information provided on the web is protected from unauthorized access.

The HIPAA Act requires health-providing entities to:

Assign responsibility for safety to a person or company.

Evaluate security risks and establish the main threats to the security and privacy of protected health information.

Establish a plan to address physical security, personnel security, specialized security controls, and disaster recovery and security incident response.

Approve the potency of security controls.

Create policies, procedures and tips for use of individual computing devices (workstations, laptops, hand-held devices), and for ensuring systems have been in place that allow, minimize and end access (access control lists, person accounts, etc.) appropriate to an individual's status, change of status or termination.

Implement access controls that'll include security, context-based access, role-based access, or user-based access; audit control mechanisms, information authentication, and entity authentication

This law has significant implications for organizations that allow unauthorized access resulting in a break in confidentiality.

Protection is the essential

Access security and information is of the utmost importance, considering that the HIPAA law provides for both civil and criminal penalties for violations. In order to guarantee HIPPA compliance, on line file management on company intranets and extranets must include a number of security features:

Secure net server a operating secure socket layers could be the minimum needed.

Encrypted database all information must certanly be protected. Pc software is available that'll encoded all information sent between two computer over the internet.

Secure access get a grip on -- in addition to a user id and password, it may be a good idea to use a strong password or sensible card as additional protection.

Program timeout this ensures that private information is not left on an unattended screen.

Server monitoring the secure web server has to be strictly watched to detect break-in attempts.

Regular security audits regular audits are needed to make sure all security measures are working properly.

Personnel system maintenance should be in the hands of qualified personnel knowledgeable about HIPPA demands

Obtida de "http://wiki.bisaweb.com.br/index.php/HIPAA:_Requirements_for_intranet_cooperation_pc_software_650891548468"
Ferramentas pessoais