The HIPAA Security Rule, According to the HHS (VIDEO)

Posted 3.6.12 by

The U.S. Department of Health and Human Services (HHS) has created a series of informative videos offering tips and advice for covered entities and those that need to meet HIPAA compliance. This particular video showcases the HIPAA Security Rule and five high-level overviews and realistic applications of the rule.

While this is a definite step in the right direction for the OCR’s attempts in spreading awareness with an easier-to-understand and more practical approach, I hope they continue to delve even deeper into educating the public about HIPAA.

Transcription of the main points of the video below:

How do you get started on creating a security plan for your office?

  1. Experts recommend beginning with a risk analysis – a risk analysis can help you develop establish the safeguards you need at your practice.
  2. Develop and put into place administrative safeguards – those are office rules and procedures that keep your data secure. For example, you need to decide what information each staff person should have access to.
  3. Your plan needs to include physical safeguards – like, positioning computers and printers out of patient areas; security locks, or an alarm system.
  4. Install technical safeguards – this can include hardware, software, and any other technology that limits access to electronic health records. For example, a software program that keeps computer viruses out of your information system. Or tracks who accesses patient information and who makes changes to patient records.
  5. Encrypting health records stored on computer hard drives is a vital step in keeping information confidential.

Keeping your health information secure is an ongoing process – making security part of your office routine requires diligence. But it’s the only way to protect your patients’ information and to protect your practice from fines and penalties.

Visit our HIPAA compliant resource section of our site for additional resources, including HIPAA Compliant Case Studies, Five Questions to Ask Your HIPAA Hosting Provider and Tips for Passing a HIPAA Audit.

HHS on YouTube

About Otava

Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.

Get in touch with an Otava Rep today – just provide us with a bit of information below to get started and we’ll reach out to you shortly!