Question

One of the biggest problems with healthcare information security has always been inappropriate use by authorized users. How do HIPAA and HITECH help to curb this problem? How do you envision Health Level Seven, HIPAA, and the HITECH Act evolving in the next decade?

Answer 1

Answer: HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed. This includes covered entities (CE), anyone who provides treatment, payment and operations in healthcare, and business associates (BA), anyone with access to patient information and provides support in treatment, payment or operations. Subcontractors, or business associates of business associates, must also be in compliance.

The HITECH Act was created to drive the adoption and “meaningful use” of electronic health records (EHR) technology by U.S.-based healthcare providers and their business associates. Meaningful use means healthcare providers need to show that they are using certified EHR technology in a way that can be measured in both quantity and quality.

Health Level Seven, HIPAA, and the HITECH Act evolving in the next decade would make better privacy and electronic function safe. They will bring several benefits to healthcare patients through its requirements for EHR technology and its provisions for enforcement of the HIPAA Privacy and Security Rules. One benefit is the requirement that patients must be given access to their protected health information (PHI) electronically.