HITECH Ratchets Up HIPAA Accountability
Modern Medicine, January 2010
3 Pages Posted: 12 Aug 2012
Date Written: January 11, 2010
Abstract
In the current risk climate, the loss of confidential patient data to unauthorized third parties presents a daunting challenge for healthcare professionals. In this context, the introduction of large networks of computerized health information has caused the number of individuals with access to patient medical records to expand exponentially.
Physicians make widespread use of laptops, home-computer links, smart phones, smart cards, USB flash drives and PDAs. E-prescribing systems link physicians and others directly to pharmacies. A contemporary physician's Blackberry typically contains far more patient information than the locked filing cabinets of previous years. Unfortunately, all of this healthcare data — ranging from medical diagnosis and treatment codes, to names, addresses, birthdates, social security numbers, bank and credit card accounts — has enormous value to identity thieves who exploit open networks and Wi-Fi systems.
Within the context of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 all "covered entities" that collect private health information must comply with specific administrative, technical and physical security standards and procedures for "electronic protected health information."
Keywords: Health Insurance Portability and Accountability Act (HIPAA) of 1996, HIPAA, Health Information Technology for Economic and Clinical Health Act, HITECH, medical administration, confidential data, healthcare, identity theft, cyber risk, data compromise
JEL Classification: I10, I11, I12, I18, I19, K10, K20, K42, M12, M14
Suggested Citation: Suggested Citation