Nine HIPAA Network Considerations
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Omnibus Final Rule, released January 2013, introduced some significant changes and updates. At the same time, over 100 HIPAA audits concluded in 2012. The Office of Civil Rights (OCR) released initial analysis of these audits in May 2013. The HIPAA Omnibus Final Rule and 2012 HIPAA audit results may influence how you run your network in the future. Here are nine network considerations that could impact your network and IT processes.
- HIPAA Audits will continue
- The HIPAA Audit Protocol and NIST 800-66 are your best preparation
- Knowledge is a powerful weapon―know where your PHI is
- Risk Assessment drives your baseline
- Risk Management is continuous
- Security best practices are essential
- Ignorance is not bliss
- Your business associate(s) must be tracked
- Breach discovery times: know your discovery tolerance
Each of these considerations will be explored in a nine-part blog series, posted on the healthcare blogs site.