Regulations for Information Security in Healthcare

Information Security in Healthcare3

Information Security Regulations5

Review and Description of Regulations6

ARRA - American Recovery and Reinvestment Act6

Description7

Aspects of Information Security7

HIPAA: Health Insurance Portability and Accountability Act10

Description10

Aspects of Information Security10

Red Flag Rules12

Description13

Aspects of Information Security13

Medical Records RCW 70.0215

Description17

Aspects of Information Security17

Electronic Protected health Information (ePHI)18

Description19

Aspects of Information Security20

Limitations of HIPAA Security Rule21

Conclusion22

References24

Appendix27

Regulations for Information Security in Healthcare

Information Security in Healthcare

Data protection has become the most significant concern for all types of firms primarily in the healthcare domain. This has turned out to be a primary concern for everyone from a businessman to a healthcare provider all are facing problem due to this matter. In a great storm of threatening central audits, new punishments under the incentive program named Meaningful Use and threat of community exposure ensuing from the Breach Notification law of national (Williams, 2010). Organizations which have not planned properly and understood security hazards are facing improved public scrutiny. Although, in the hail of priorities, safety regularly takes second place to concerns such as patient care and budget concerns initiatives.

Development of an efficient and effective protection against internal and external attacks necessitates an advanced level of comprehensive controls and situational awareness. The attacks now have become more and more sophisticated issues of the time, with greater than before positions of the way in for hackers. Although, there are robust and simple steps healthcare organization can take in order to reduce the extent of such risks greatly (Boulos et al., 2011). By conducting cyclic risk evaluations, enabling endpoint way in security, developing a security and monitoring mitigation arrangement, and executing a remote device strategy, companies of healthcare can help shield themselves beside the majority of risks they face.

It is not a secret that healthcare organizations have faced growing hazards to PHI, comparative to other company. These threats are driven partly by the acceptance of electronic health records, and rising interconnectedness inside and among organizations through the acceptance of mobile tools and the level of health data exchanges (Siponen, Pahnila & Mahmood, 2010). The motivations for healthcare organizations to quickly adopt electronic health records are in place, as are deterrents for losing vision of information protection in the procedure. Actually, the American Recovery and Reinvestment Act of 2009 has respired exceptional life keen on the search for electronic data, with contributors qualified to get around 27 billion dollars on the whole in inducement funds. This was for the evocative use of electronic health records. Besides the incentives, healthcare service providers also might face a reduction in Medicare compensation as they do not fulfill with the law's Meaningful Use by 2015 (Fichman, Kohli & Krishnan, 2011).

Regardless of these incentives, records of over 18 million patients breached from 2009 to 2011, by a raise of 32% between 2010 and 2011 that could be charging the healthcare provider industry around 6.5 billion dollars annually. More upsetting, a 2011 study from Ponemon Institute signified that 96% of healthcare service providers had as a minimum one data break in the last ...