HIPAA Security Rule

The Security Standards for the Protection of Electronic Protected Health Information, commonly known as the HIPAA Security Rule, establishes national standards for securing patient data that is stored or transferred electronically.

The Security Standards for the Protection of Electronic Protected Health Information, commonly known as the HIPAA Security Rule, establishes national standards for securing patient data that is stored or transferred electronically.

The rule requires the placement of safeguards, both physical and electronic, to ensure the secure passage, maintenance and reception of protected health information (PHI). When addressing the risks and vulnerabilities associated with PHI and electronic protected health information (ePHI), there are three key questions health care organizations should ask.

  • Can you identify the sources of ePHI and PHI within your organization, including all PHI that you create, receive, maintain or transmit?
  • What are the external sources of PHI?
  • What are the human, natural, and environmental threats to information systems that contain EPHI and PHI?

Enforced by the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS), the HIPAA Security Rule aims to protect patient security while still allowing the health care industry to advance technologically.

This was first published in March 2012

Continue Reading About HIPAA Security Rule

Glossary

'HIPAA Security Rule' is part of the:

View All Definitions

Dig deeper on Federal health care policy issues and health care reform

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

SearchCIO

SearchCloudComputing

SearchMobileComputing

SearchSecurity

SearchStorage

Close