Several visitors to HIPAA.com have asked if ‘certification’ can substitute for compliance with the HIPAA Privacy and Security training standards and new Privacy requirements under the HITECH Act. Generally, certification is a snapshot in a moment of time. The Merrim-Webster’s Collegiate Dictionary (11th ed.) defines certification as the act or state of “attest[ing] as being true or as represented or as meeting a standard.” Certification generally is done by an external source. Training is an ongoing internal process for safeguarding protected health information from unauthorized use or disclosure as business policies and procedures evolve and regulatory standards are initiated or modified. Further, training requires that workforce members, including management, demonstrate…
Month: September 2009
Three Key Properties of HIPAA Privacy and Security of Protected Health Information
HIPAA.com has received from its readers requests for information on topics related to HIPAA Administrative Simplification Privacy and Security Rules and to updates to those rules reflected in the HITECH Act provisions of the American Recovery and Reinvestment Act of 2009, signed by President Obama on February 17, 2009. Recently, HIPAA.com answered the question of particular interest to several readers: what exactly is protected health information (PHI)? In this posting, we answer the question: what are the fundamental properties that underlie privacy and security of protected health information? Three Key Properties The three key properties that underpin privacy and security under the Health Insurance Portability and Accountability Act (HIPAA) are availability,…
HIPAA ‘Protected Health Information’: What Does PHI Include?
HIPAA.com has received from its readers requests for information on topics related to HIPAA Administrative Simplification Privacy and Security Rules and to updates to those rules reflected in the HITECH Act provisions of the American Recovery and Reinvestment Act of 2009, signed by President Obama on February 17, 2009. Of particular interest to readers is: what exactly is protected health information (PHI)? Protected Health Information To get to protected health information, you have to examine two definitions that were in Section 1171 of Part C of Subtitle F of Public Law 104-191 (August 21, 1996): Health Insurance Portability and Accountability Act of 1996: Administrative Simplification. These statutory definitions are of…