|
 Currently, a "HIPAA Security Toolkit for HME & Re-hab Facilities", a "Security Handbook" , and other tips are available for VGM Group members. Additional documents will be added shortly
The "HIPAA Security Toolkit for HME & Re-hab Facilities" includes:
- Introduction to HIPAA Security
- Security Policies and Procedures
- Forms
- Security Training Manual
- Glossary
...and more
The "HIPAA Handbook" includes and explains how to do the following: - Create secure passwords and manage them appropriately
- Monitor log-on attempts
- Respond to information-security incidents
- Employ appropriate measures to protect computers from viruses and malicious software
- Use appropriate physical security measures to protect patient information
Mark Higley, VGM's Vice President of Development, compiled the training materials. To access the files, please go to http://www.vgm.com/regulatory/hipaa.asp, (member login required). Many of the same files may also be found on the "Download-Ready Simplification Tools" section. Additional information, tips, policies and procedures will be available shortly. In the meantime, if you have Security Rule (or any HIPAA topic) questions, you may contact Mark at 800.642.6065.
FAQ about the Security Rule: What is the major objective of the Security Rule?
The objective of the Security Rule is to adopt national safeguards to protect the confidentiality, integrity, and availability of protected health information. The Security Rule will require all homecare providers to implement basic safeguards to protect electronic protected health information (EPHI) from unauthorized access, deletion, and transmission. The confidentiality of health information is threatened not only by the risk of improper access to stored information, but also by the risk of interception during electronic transmission of the information.
The Security Rule consists of three primary security safeguards. These are administrative safeguards, physical safeguards, and technical safeguards. Within each of these safeguards, there are a number of standards that need to be satisfied by the provider. What are some solutions that have already been put in place for the Privacy Rule that can also meet the Security Rule requirements? - The administrative requirements included in the Privacy Rule, such as a need for written policies, responsible officers, and business associate agreements can also serve to meet the Security Rule.
- Also, e-mail authentication procedures put into place for privacy protection may also meet the security standards, thereby eliminating the need for additional investments to meet these standards.
What is the relationship between Privacy and Security?
The protection of the personal health information (PHI) depends in large part on the existence of security measures to protect that information. What are some of the distinctions between the Security Rule and the Privacy Rule?
Security Rule - The Security Rule requires homecare providers to implement basic safeguards to protect electronic protected health information from unauthorized access.
- Also, the Security Rule is much more flexible than the Privacy Rule and provides organizations with much more leeway to comply with the Rule.
- The Security Rule was written in a manner that allows homecare providers to assess its own security risks and decide upon the measures that would most effectively mitigate those risks.
- The Security Rule is not linked to a specific technology which will allow homecare providers to utilize potential future technology advancements.
Privacy Rule
- The Privacy Rule sets standards for how protected health information should be controlled by setting forth what uses and disclosures are authorized or required and what rights patients have with respect to their health information.
|
