In 1996, the Health Insurance Portability and Accountability Act (HIPAA) was enacted to protect health information by establishing transaction standards for the exchange of health information, security standards, and privacy standards for the use and disclosure of individually identifiable health information. Entities directly impacted by this act are health plans, health clearinghouses and healthcare providers (“TLC HIPAA Overview”, n.d.).
Although there are other rules incorporated in HIPAA, the Security Rule has the most direct impact on hospital technology systems including network infrastructure. This rule addresses security measures such as user authentication, access controls, audit trails, controls of external communication links and access, physical security, systems back up, and disaster recovery. With increasingly more information being stored and transmitted electronically, the Security Rule works to identify and regulate these activities (Gue, n.d.).
This document is in PDF format. To view it click here.