HIPAA (Health Insurance Portability and Accountability Act)

Author: igc인증원
Posted: 23-08-04 10:55


HIPAA?

On August 21, 1996, the U.S. Department of Health and Welfare enacted the Health Insurance Portability and Accountability Act (HIPAA) to prevent patients' personal health information (PHI) from being disclosed without their consent.

It can apply to medical institutions and to organizations that provide related services (cloud service providers, etc.), depending on how they collect and use electronic information. The main goal is to ensure limited and secure use of the information needed to provide personal health information.


Information Protectable by HIPAA

The Privacy Policy (HIPAA) protects all “individually identifiable health information” possessed by covered entities or partners in any form or medium, whether electronic, paper or oral.

Individually identifiable health information includes demographic data, name, address, date of birth, social security number, etc., as well as the following information:

  • A person's past, present, or future mental health or condition
  • Medical services provided
  • Past, present, or future payments for providing healthcare to individuals

Subject to HIPAA

  • Health Plan: Individuals and groups (insurers, long-term care insurers, etc.) who provide or pay for medical services
  • Medical Service Provider: Any medical service provider that handles health information electronically, regardless of size
  • Healthcare Information Center: Groups that use and process non-standard information provided by other partners
  • Related business providers: Service providers that perform specific functions or activities, or handle identifiable health information, on their behalf

HIPAA Requirements

HIPAA requirements are categorized as administrative, technical, physical, and other.

  • Administrative: establishment of information management procedures, etc.
  • Physical: management of physical devices/places/systems for personal information protection, etc.
  • Technical: access to and use of software and cloud, integrity assurance, etc.
  • Other: contracts with stakeholders, document management, etc.

HIPAA provides specific standards for the use of patients' medical information in medical organizations subject to the privacy rules, with the aim of protecting personal medical information and preventing its abuse through appropriate use of information.

Covered entities may be subject to fines through the U.S. Department of Justice or the Department of Health and Human Services if they do not comply with the requirements.

Necessity of HIPAA

  • Gaining reliability by meeting stakeholder needs
  • Implementing a safe system by establishing and operating systematic information management procedures
