Question

3HS wants to better understand the major concepts surrounding privacy and security. You have explained HIPAA previously, however the Chief Information Security Officer has been promoting the three tenants of security: protecting Confidentiality, Integrity, and Availability. The vice president for nursing has asked for your assistance in describing what each of these means for clinical staff in relation to security and explain how HIPAA addresses these three areas.

Answer 1

The Health Insurance Portability and Accountability has this three tenants of security namely confidentiality ,integrity and availability. This is also called as CIA Triad .

Confidentiality

This is the protection of patient information or healthcare data at all cost. It should protect the data in such a way that it is not accessible or can be viewed by a stranger or unauthorized person . In order to do this the password should not be shared ,computers should not be left open with patient information ,email should be double checked before sending to the patien,access control ,etc.,

Integrity

This is a system which protects the patient information or details to be not altered in any form. Unauthorized changes in the patient health record has to be prevented and this falls under integrity .This can be prevented by good access control ,signature which is digitalised ,hash verification methods to name a few .

Availability

This in simple refers to only the patient or the healthcare professionals can access the health records .It is available only the authorized user. It can prevented from hackers by having highly sophisticated ,regularly updated software tools to identify this and protect the patient information .

HIPAA addresses these three areas and hence protecting the patient information .Violation of this is a legal issue and the concerned person is punishable under act.