StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

HIPPA and HITECH regulations - Article Example

Cite this document
Summary
HIPPA and HITECH regulations Name: Institution: HIPPA and HITECH regulations When President Obama singed the American Recovery and Reinvestment Act (ARRA) into law in 2009, he also implemented the Health Information Technology for Economic and Clinical Health Act (HITECH)…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91.6% of users find it useful
HIPPA and HITECH regulations
Read Text Preview

Extract of sample "HIPPA and HITECH regulations"

HIPPA and HITECH regulations HIPPA and HITECH regulations When President Obama singed the American Recovery and Reinvestment Act(ARRA) into law in 2009, he also implemented the Health Information Technology for Economic and Clinical Health Act (HITECH). This law resulted in massive expansions in the reach and scope of the Health Insurance Portability and Accountability Act (HIPAA), as well as its corresponding penalties (Carter, 2009). This paper will examine the impact of HITECH and HIPAA regulations on future healthcare systems, defining how regulations will alter the implementation and ongoing use of software systems.

Impact of HIPAA and HITECH regulations on health care systems for the future Hospitals and healthcare facilities continue to face peculiar challenges in terms of security. These challenges will increase rather substantially in the future, particularly in light of increasing volumes of traffic to and from healthcare facilities. Security needs encompass the need to constrain access to personnel-only regions or protect the privacy of patient information in paper and electronic formats (Bortne, CISSP, & CISM, 2009).

The future systems of healthcare facilities will acquire a multi-faceted approach to meet the evolving regulatory requirements regarding patient privacy. Effective security in the future will encompass a forward-looking approach to deal with requirements for logical and physical access, as well as the appreciation of changing privacy standards and regulation compliance. The most significant privacy standards established by the HITECH Act, and which will affect the conduct of healthcare facilities is the notification requirement.

HITECH requires the notification of security breaches regarding healthcare-related issues. In the future, healthcare facilities will implement data security standards with regard to electronic health records and develop privacy and security provisions well beyond HIPAA (Trinckes, 2012). Although HIPAA focuses on health information privacy and security issues, HITECH act extends to non-HIPAA covered entities and holds them to similar privacy and security standards like HIPAA-covered entities (Carter, 2009).

For instance, under HITECH, pharmacies, healthcare providers and other business entities will be subject to security and privacy provisions in HIPAA. In essence, this means that HITECH will, in future, require all healthcare vendors of personal health records to maintain similar levels of security and privacy as HIPAA entities. The federal government, through the US Department of Health and Human Services, will require all healthcare vendors to protect patient health data by fully disclosing breaches by including a succinct description of the breach incident, time of occurrence, discovery and forms of information involved (Trinckes, 2012).

On a state level, HITECH will allow states to enforce HIPAA standards on healthcare providers and vendors. States will also impose fines similar to those levied by the federal government. For many years, healthcare facilities have utilized various methods of ensuring security of patient health information. State requirements demand that healthcare organizations establish effective procedures to ensure security and privacy. However, federal requirements demand that healthcare facilities implement HIPAA and HITECH standards in all their systems.

How the regulations will modify the implementation and ongoing use of software systems For most healthcare organizations, the establishment of IT security technology in building security and privacy has occurred through diverse security policies, objectives and departments. Consequently, healthcare staff needs to carry multiple access cards and recall diverse PINs and passwords to various applications, networks and regions within the healthcare facility. These traditional practices resulted in disjointed security systems, which were cumbersome for employees and costly for the facility.

These IT practices pose substantial risks to healthcare facilities meeting HIPAA and HITECH security and privacy requirements. HITECH standards will allow healthcare security administrators to implement high levels of security, which leverage the facility’s existing investments to acquire high levels of adoption by facility staff (Bortne, CISSP, & CISM, 2009). HITECH and HIPAA standards will allow for the adoption of smart cards to provide intense security. Secure, portable smart cards will be popular in safeguarding physical security and ensure privacy of sensitive electronic information.

Software systems will, therefore, allow for the use of contact and contactless smart card technologies, which will provide opportunities for security administrators to execute a single badge, which functions as a workplace ID, authentication token and physical security access card. For instance, in the future, one smart card will guarantee secure nurse, staff and doctor access to networked computers, the emergency rooms, visual verification of identification and contactless purchases in the cafeteria.

Changes and impacts to software and hardware vendors The implementation of HITECH and HIPAA standards will produce massive changes and effects to hardware and software vendors. For instance, the establishment of software systems in healthcare facilities will enhance the relationship between healthcare facilities and software vendors who provide these systems (Mauleen, 2010). Hardware vendors, on the other hand, will incur massive losses as healthcare facilities shift from hardware to software systems.

The relationship between hardware vendors and healthcare facilities will cease to exist as hardware systems, in healthcare facilities, become obsolete in the face of software systems.   Changes and impacts to infrastructure and organizational standards  Infrastructural changes will take hold in healthcare facilities following the adoption of HITECH and HIPAA standards for security and privacy (Bortne, CISSP, & CISM, 2009). For instance, hardware systems will be replaced by software systems such as smart card readers.

Organizations will ultimately seek to optimize software security by using varying smart card technologies, which encompass differing support systems. Infrastructure will also encompass systems for ensuring that software systems function effectively. This includes, among others servers and control rooms, which monitor the effectiveness of software systems such as smart card readers. Organizational standards will also shift from manual to electronic ways of conducting straightforward actions such as checking in for duty to complex actions such as transferring patient health data to relevant stakeholders.

References Bortne, K., CISSP, & CISM. (2009). The HIPAA and HITECH toolkit: A business associate and covered entity guide to privacy and security. Boston: Hcpro Incorporation. Carter, P. I. (2009). HIPAA compliance handbook: 2010 edition. Colorado: Aspen Publishers. Mauleen, J. (2010). Recent developments with HIPAA: Leading lawyers on interpreting the new HIPAA laws, developing effective compliance strategies, and responding to recent enforcement actions. Boston: West, Aspatore Books. Trinckes, J. J. (2012).

The definitive guide to complying with the HIPAA/HITECH privacy and security rules. Florida: Auerbach Publications.

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“HIPPA and HITECH regulations Article Example | Topics and Well Written Essays - 750 words”, n.d.)
HIPPA and HITECH regulations Article Example | Topics and Well Written Essays - 750 words. Retrieved from https://studentshare.org/information-technology/1462141-hippa-and-hitech-regulations
(HIPPA and HITECH Regulations Article Example | Topics and Well Written Essays - 750 Words)
HIPPA and HITECH Regulations Article Example | Topics and Well Written Essays - 750 Words. https://studentshare.org/information-technology/1462141-hippa-and-hitech-regulations.
“HIPPA and HITECH Regulations Article Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/information-technology/1462141-hippa-and-hitech-regulations.
  • Cited: 0 times

CHECK THESE SAMPLES OF HIPPA and HITECH regulations

Law and Policy Case Study

Given the vital role of information security, many organizations protect their information using strategies such as policies, laws, and regulations.... This proposal looks the impact of organization laws, regulations, and policies in maintaining confidentiality, integrity, and availability.... In many organization, the triad of factors—rules, regulations and policies constitute the entire framework the promote information security (Martin, & Khazanchi, 2006)....
3 Pages (750 words) Case Study

IT Security and Sarbanes-Oxley Act

IT Security & Sarbanes-Oxley Act Course/Number Date I) Introduction Also known as the Corporate and Auditing Accountability and Responsibility Act [in the House], and the Public Company Accounting Reform and Investor Protection Act [in the Senate], the Sarbanes-Oxley Act 2002 came into being, following its enactment on July 30th, 2002....
5 Pages (1250 words) Term Paper

Healthcare Policy Analysis: HIPPA Privacy Rules

"Healthcare Policy Analysis: hippa Privacy Rules" paper observed that this particular legislation tends to address and mitigate the problem concerning the access to valuable information of the patients illegally.... However, continuous criticism from a number of critics can be viewed regarding the way the data has been upheld by the healthcare segment, resulting in the formation of the hippa Privacy Rule.... With this concern, this paper intends to analyze and discuss the healthcare policy of hippa Privacy Rules....
12 Pages (3000 words) Coursework

New Policy Statements- HIPAA

The review is proposed in order to make certain that it fulfills the regulatory obligations and meet up to the obligations of the associated standards as well as regulations.... ecommendationsIn spite of abiding by all the relevant regulations, the policy regarding accessing information by a fresh user and the prerequisite for passwords are becoming a grave concern for the supervisor of the company.... The suggested new policy meets up to the HIPAA Security regulations and fall under the category of Technical Security Controls....
2 Pages (500 words) Assignment

Hospitals Information System

Hospitals in essence deal with healthcare, attending to sick and infirm, prescribing treatments for alleviating suffering, reducing morbidity, preventing death, and effecting cure.... In the hospital environment an effective information system is like a network of nerves that… The information system in a hospital are geared to serve two major roles (i) collection, collation, information generation related to the patients for decisions taking related to diagnosis, treatments, and, (ii) information dissemination to patients about their treatment modules, scanning procedures, precautions, preventions, and costs of treatments....
10 Pages (2500 words) Essay

The Health Information Technology for Economic and Clinical Health

The regulations and penalties ensure that practitioners, particularly in health records, cautiously carry out their work diligently to ensure and enhance the safety and security of health information and patients' health records (McGonigle & Mastrian, 2015).... The Health Information Technology for Economic and Clinical Health (hitech) 2009 Act was enacted as a portion of the American Recovery and Reinvestment (ARR) Act of 2009 (McGonigle & Mastrian, 2015).... It was signed and confirmed into law on February 17, 2009, to stimulate and… hitech provides the U....
1 Pages (250 words) Essay

The Certification Criteria Used by HIPAA

Accesses made by healthcare professionals have to be compliant with regulations imposed across all of the different scaled and levels of healthcare provision and services.... Some of the regulations present in the HITECH act and HIPAA are unclear (Kibbe, 2005).... First, I agree that application-level data security is claimed to be sufficient for hitech and HIPAA compliance.... Unfortunately, hitech does not cover these additional technological solutions even though HIPAA requires that all healthcare providers do (Kibbe, 2005)....
2 Pages (500 words) Essay

Risk Management Position in Healthcare Designated Record Set HIPAA Privacy Laws

This paper aims to analyze a case study of a doctor who breached the rules of the HIPAA and was sentenced.... nbsp; The paper outlines a risk management program gives the potential recommendations that can be implemented to avert undue risks and harms.... nbsp;… This research will begin with the statement that Privacy rules and the Health Insurance Portability and Accountability Act (HIPAA) regulate what information regarding the health of an individual can be used and disclosed....
7 Pages (1750 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us