HIPAA Rules That Affect Technology

HIPAA, the Health Insurance Portability and Accountability Act, established guidelines for the handling of patient medical records. The law protects confidential information by mandating tighter security controls. The HIPAA rules affecting technology provide guidelines for organizations to follow when setting up their system networks.
    Tracking Rules

    • Health care organizations typically access, modify and transmit patient information on a continual basis. Under HIPAA guidelines, organizations must be able to track who accesses a particular record, record any changes made and provide access to the original record before changes were made, according to "Physician's News Digest." To do this, a system network must incorporate technology that enforces unique user names and passwords for authorized system users and records all system activity. These rules also apply in cases where patient information is transmitted outside of an organization through email or the Internet. Tracking rules are designed to enforce patient confidentiality rights by enabling organizations to monitor the handling of patient records.

    Security Rules

    • HIPAA rules for system security require organizations to use reliable firewall and antivirus technologies designed to protect a system network from unauthorized access through external tampering, or hacking, according to "Physician's News Digest." Security rules also limit user access, which requires technologies that assign an access level to every user account. Access levels can be set according to department levels, patient caseloads or customized to suit an organization's operational structure. Also needed is a special access level that allows users to access patient records in the event of an emergency. Under HIPAA guidelines, patients are allowed access to their medical records at any time. This means organizations must have some sort of backup system and data recovery plan in place in the event of system failure, fires or natural disasters.
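
The tracking and access-level requirements described above, as an added sketch that is not from the original article or from any HIPAA text: every attempt is logged per user, earlier versions of a record are preserved, and an emergency access level grants access while recording the reason. The class, the level names and the sample data are assumptions made for illustration.

```python
import copy
from datetime import datetime, timezone

# Hypothetical access levels: the departments each level may open.
ACCESS_LEVELS = {"cardiology": {"cardiology"}, "oncology": {"oncology"}}

class RecordStore:
    def __init__(self):
        self.dept = {}       # record_id -> owning department
        self.versions = {}   # record_id -> list of snapshots; index 0 is the original
        self.audit = []      # append-only log of every attempt, allowed or denied

    def _log(self, user, action, record_id, allowed, note=""):
        self.audit.append({"time": datetime.now(timezone.utc).isoformat(), "user": user["name"],
                           "action": action, "record": record_id, "allowed": allowed, "note": note})

    def _authorize(self, user, action, record_id, emergency_reason):
        allowed = self.dept[record_id] in ACCESS_LEVELS.get(user["level"], set())
        note = ""
        if not allowed and emergency_reason:
            allowed, note = True, "EMERGENCY: " + emergency_reason  # granted, flagged for review
        self._log(user, action, record_id, allowed, note)
        if not allowed:
            raise PermissionError(f"{user['name']} may not {action} {record_id}")

    def create(self, user, record_id, dept, data):
        self.dept[record_id] = dept
        self.versions[record_id] = [copy.deepcopy(data)]
        self._log(user, "create", record_id, True)

    def read(self, user, record_id, emergency_reason=None):
        self._authorize(user, "read", record_id, emergency_reason)
        return copy.deepcopy(self.versions[record_id][-1])

    def update(self, user, record_id, changes, emergency_reason=None):
        self._authorize(user, "update", record_id, emergency_reason)
        # Append a new snapshot; earlier snapshots are never overwritten.
        self.versions[record_id].append({**self.versions[record_id][-1], **changes})

    def original(self, record_id):
        return copy.deepcopy(self.versions[record_id][0])

def demo():
    # Constructed sample users and record.
    store = RecordStore()
    alice, bob = {"name": "alice", "level": "cardiology"}, {"name": "bob", "level": "oncology"}
    store.create(alice, "r1", "cardiology", {"bp": "120/80"})
    store.update(alice, "r1", {"bp": "135/85"})
    store.read(bob, "r1", emergency_reason="patient in ER")
    return store
```

Denied attempts are logged before the exception is raised, so the audit trail also shows who tried to open a record they were not cleared for.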

    Usage Rules

    • Usage rules refer to how an organization's policy and procedure guidelines work to enforce the privacy and security requirements for handling patient health records, according to "Physician's News Digest." Policy and procedure guidelines explain user access procedures in terms of how data is accessed and designate certain conditions for areas that house computer workstations. These rules support the privacy and security requirements under HIPAA by placing system equipment in designated or secured areas and standardizing access procedures for working with patient records. In cases where an organization is replacing its computer network or updating system components, usage rules stipulate proper removal and disposal procedures for components that contain patient health records.
