Security and Confidentiality

Regardless of how the final HIPAA requirements for security and privacy are finally enacted into law, your organization will need to prevent unauthorized access, tampering and access to individually identifiable patient information.

You will also need to ensure that all business agreements with your business and trading partners, practices, providers, suppliers and vendors have appropriate security, technology and procedures in place to protect you from potential HIPAA violations.

A few things your organization needs to meet the proposed HIPAA security and privacy requirements are:

logon passwords and password policies
timely user account management
encrypted storage of patient information
network and application access procedures and restrictions
network access monitoring software
network encryption technologies
network and email virus protection
strong firewall protection

These measures not only ensure privacy and security for patient data, but for internal business systems and users as well.