What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is a United States’ regulation that organizations who operate within the field of healthcare must abide by when exchanging patient information whether in hard copy or electronic format.

HIPAA sets out data privacy requirements for companies that gather and maintain healthcare records for patients (Protected Health Information or PHI, covering both hard copy and electronic PHI). This includes medical facilities, including hospitals and clinics, health insurance agencies and any other company that gather records related to an individual’s healthcare.

The HIPAA rules are vast and detailed. Without a proper understanding of the HIPAA requirements and how they may apply to your organization, you could suffer large financial fines from the HIPAA governing body (the U.S. Department of Health & Human Services, HHS) for violating the required safeguards, even if no breach of PHI or ePHI data has occurred.

Businesses often engage an experienced, independent expert in the HIPAA regulation, its rules and requirements. This HIPAA specialist can make sure the organization fully understands the scope and applicability of HIPAA to their business, helping them to develop a strategy for and controls to protect the confidentiality, integrity, and availability of PHI.

Simply Secure’s team of information security professionals include consultants experienced in working with the HIPAA regulation and helping companies get ready for HIPAA compliance. Our consultants can walk you through the documentation and processes needed to become fully compliant with HIPAA and complete the relevant penetration test and security assessments tailored to the framework.

We take the role of “trusted advisor” for your team. We can answer your questions about the HIPAA requirements, the level and extent of documentation needed and the practices that must be implemented to be ready for your certification audit.

Find out how Simply Secure’s Audit and Assessment Services can provide the information and tools your organisation needs to achieve and maintain compliance with HIPAA.