SlideShare a Scribd company logo

Understanding the Importance of HIPAA Compliance

Download as PPTX, PDF
Manas Deep
Manas Deep

This document discusses the importance of HIPAA compliance for information security. It begins with an introduction of the author and agenda. It then explains what HIPAA is, why it was implemented, and who are covered entities and business associates. The three pillars of HIPAA compliance are described as the Privacy Rule, Security Rule, and Breach Notification Rule. Covered entities are defined as healthcare organizations that store, process or transmit personal health information. Business associates provide services to covered entities and must also comply with HIPAA. The document outlines key aspects of each HIPAA component and requirements for breach notification. It emphasizes the critical need for organizations to understand and follow HIPAA regulations to protect private health information and reduce liability

Healthcare
1 of 11
Understanding HIPAA Impact and Importance in Information Security…. Manasdeep (manasdeeps@gmail.com)
#aboutme • Information Security Consultant • Interested in Compliance and Penetration Testing • Have a flair in writing for Information Security • Like to learn and demonstrate latest security attack vectors and technologies
Agenda • What is HIPAA? • Why HIPAA was needed? • Who are the covered entities (CE) and Business Associates (BA) ? • Three Pillars of HIPAA Compliance • Critical success factor for achieving HIPAA compliance • Actions to Reduce Liability & Risks • Q&A
Structure of HIPAA
HIPAA Components in Focus HIPAA is the Federal Health Insurance Portability and Accountability Act of 1996. Administered by the U.S. Department of Health and Human Services (HHS). Implementation and civil enforcement are overseen by the HHS Office for Civil Rights (OCR). HIPAA Privacy Rule, protects the privacy of individually identifiable health information; HIPAA Security Rule sets national standards for the security of electronic protected health information; HIPAA Breach Notification Rule, which requires covered entities and business associates to provide notification following a breach of unsecured protected health information
Why HIPAA was needed? 1. Insurance companies denied coverage to employees that had a pre-existing condition, even if employees were previously covered by another employer. 2. No standardization for billing formats and codes used to file claims 3. No standardization for billing formats and codes used to file claims Basic information, such as patient name and treatment date, was formatted differently by each payer 4. Insurance coding was very complex, there were many errors Companies often rejected many claims and delayed payments to providers High cost for administration HL7, ICD-10
HIPAA Protects…… Individuals‘ personally identifiable health information.  Health conditions – diagnosis, test results  Demographic information – name, address, gender  Clinical data – vital signs, lab results, etc.  Treatments & procedures  Billing and payment information Protected health information (PHI) which is:  Transmitted by electronic media;  Maintained in electronic media; or  Transmitted or maintained in any other form or medium.
Pillars of HIPAA Privacy Rule  Notice of privacy practices  Rights over PHI  Access to PHI  Uses and disclosures  Accounting of disclosures Security Rule  Administrative  Physical  Technical Breach notification requirements for:  Covered Entities (CE) and  Business Associates (BA) Breach Notification Rule
Extent of HIPAA Applicabilty Covered Entities Any healthcare organization that stores, processes, or transmits personal health information Entity that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity. Business Associates Business associate services can be in : legal; actuarial; accounting; consulting; data aggregation; management; administrative; accreditation; and financial. Covered Entities can be: Health Plan Health Care Provider Health Care Clearinghouse
Breach Notification What to do? • Risk Assessment of Breach • Notification to Individuals impacted by breach • within 60 days of discovery of a breach • It depends by State law, too Focus on: • Content of Notification • Notification to the media • Notification to the Secretary • Notification by a business associate • Law enforcement delay • Burden of Proof HHS – “Wall of Shame” https://ocrportal.hhs.gov/ocr/breach/breach_r eport.jsf
THANK YOU !! - Manasdeephttp://reflect-infosec.blogspot.in/ https://twitter.com/manasdeep https://in.linkedin.com/in/manasdeep

Recommended

HIPAA and How it Applies to You
HIPAA and How it Applies to YouHIPAA and How it Applies to You
HIPAA and How it Applies to YouWinston & Strawn LLP
 
HIPAA
HIPAAHIPAA
HIPAALibbyGoodman
 
HIPAA Compliance
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceManny Oliverez
 
HIPAA Privacy & Security
HIPAA Privacy & SecurityHIPAA Privacy & Security
HIPAA Privacy & SecurityNational Pharmacy Technician Association
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliancePrince George
 
Confidentiality
ConfidentialityConfidentiality
ConfidentialityDeniseMHA
 
Pharmacovigilance AND HIPAA
Pharmacovigilance AND HIPAA Pharmacovigilance AND HIPAA
Pharmacovigilance AND HIPAA Prajal M. Christian
 
HIPAA in 2023: Changes, Updates, and Best Practices
HIPAA in 2023: Changes, Updates, and Best PracticesHIPAA in 2023: Changes, Updates, and Best Practices
HIPAA in 2023: Changes, Updates, and Best PracticesConference Panel
 

Recommended

HIPAA and How it Applies to You
HIPAA and How it Applies to YouHIPAA and How it Applies to You
HIPAA and How it Applies to YouWinston & Strawn LLP
 
HIPAA
HIPAAHIPAA
HIPAALibbyGoodman
 
HIPAA Compliance
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceManny Oliverez
 
HIPAA Privacy & Security
HIPAA Privacy & SecurityHIPAA Privacy & Security
HIPAA Privacy & SecurityNational Pharmacy Technician Association
 
A brief introduction to hipaa compliance
A brief introduction to hipaa complianceA brief introduction to hipaa compliance
A brief introduction to hipaa compliancePrince George
 
Confidentiality
ConfidentialityConfidentiality
ConfidentialityDeniseMHA
 
Pharmacovigilance AND HIPAA
Pharmacovigilance AND HIPAA Pharmacovigilance AND HIPAA
Pharmacovigilance AND HIPAA Prajal M. Christian
 
HIPAA in 2023: Changes, Updates, and Best Practices
HIPAA in 2023: Changes, Updates, and Best PracticesHIPAA in 2023: Changes, Updates, and Best Practices
HIPAA in 2023: Changes, Updates, and Best PracticesConference Panel
 
Hipaa slideshow
Hipaa slideshowHipaa slideshow
Hipaa slideshowheronimus92
 
Health Information Privacy and Security (November 8, 2021)
Health Information Privacy and Security (November 8, 2021)Health Information Privacy and Security (November 8, 2021)
Health Information Privacy and Security (November 8, 2021)Nawanan Theera-Ampornpunt
 
Telemedicine: A Health Informatician's Point of View
Telemedicine: A Health Informatician's Point of ViewTelemedicine: A Health Informatician's Point of View
Telemedicine: A Health Informatician's Point of ViewNawanan Theera-Ampornpunt
 
Electronic health records
Electronic health recordsElectronic health records
Electronic health recordsJocelyn Garcia
 
Health Informatics
Health InformaticsHealth Informatics
Health InformaticsThe University of Findlay
 
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...Michael Sukachev
 
Introduction to Health Informatics
Introduction to Health InformaticsIntroduction to Health Informatics
Introduction to Health Informaticsasm071149
 
Overview on data privacy
Overview on data privacy Overview on data privacy
Overview on data privacy Amiit Keshav Naik
 
Data protection
Data protectionData protection
Data protectionLewis Silkin
 
Health Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability ActHealth Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability Actসারন দাস
 
HIPAA Complaince
HIPAA ComplainceHIPAA Complaince
HIPAA ComplainceFarhatParveen10
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
HIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYHIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYmariaradziminski
 
Electronic Health Records (ITCS404: IT for Healthcare Services)
Electronic Health Records (ITCS404: IT for Healthcare Services)Electronic Health Records (ITCS404: IT for Healthcare Services)
Electronic Health Records (ITCS404: IT for Healthcare Services)Nawanan Theera-Ampornpunt
 
Health Informatics for Clinical Research (November 25, 2021)
Health Informatics for Clinical Research (November 25, 2021)Health Informatics for Clinical Research (November 25, 2021)
Health Informatics for Clinical Research (November 25, 2021)Nawanan Theera-Ampornpunt
 
HIPAA
HIPAAHIPAA
HIPAAAlanoud Alqoufi
 
Data Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsData Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsAT Internet
 
Information security
Information securityInformation security
Information securityMustahid Ali
 
Health information security system
Health information security systemHealth information security system
Health information security systemDiana Fernandez
 
Presentation hippa
Presentation hippaPresentation hippa
Presentation hippamaggie_Platt
 
Hipaa risk analysis_1.4
Hipaa risk analysis_1.4Hipaa risk analysis_1.4
Hipaa risk analysis_1.4SISA Information Security Pvt.Ltd
 
New trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileNew trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileSISA Information Security Pvt.Ltd
 

More Related Content

What's hot

Health Information Privacy and Security (November 8, 2021)
Health Information Privacy and Security (November 8, 2021)Health Information Privacy and Security (November 8, 2021)
Health Information Privacy and Security (November 8, 2021)Nawanan Theera-Ampornpunt
 
Telemedicine: A Health Informatician's Point of View
Telemedicine: A Health Informatician's Point of ViewTelemedicine: A Health Informatician's Point of View
Telemedicine: A Health Informatician's Point of ViewNawanan Theera-Ampornpunt
 
Electronic health records
Electronic health recordsElectronic health records
Electronic health recordsJocelyn Garcia
 
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...Michael Sukachev
 
Introduction to Health Informatics
Introduction to Health InformaticsIntroduction to Health Informatics
Introduction to Health Informaticsasm071149
 
Health Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability ActHealth Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability Actসারন দাস
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPRDipanjanDey12
 
HIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYHIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYmariaradziminski
 
Electronic Health Records (ITCS404: IT for Healthcare Services)
Electronic Health Records (ITCS404: IT for Healthcare Services)Electronic Health Records (ITCS404: IT for Healthcare Services)
Electronic Health Records (ITCS404: IT for Healthcare Services)Nawanan Theera-Ampornpunt
 
Health Informatics for Clinical Research (November 25, 2021)
Health Informatics for Clinical Research (November 25, 2021)Health Informatics for Clinical Research (November 25, 2021)
Health Informatics for Clinical Research (November 25, 2021)Nawanan Theera-Ampornpunt
 
Data Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsData Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsAT Internet
 
Information security
Information securityInformation security
Information securityMustahid Ali
 
Health information security system
Health information security systemHealth information security system
Health information security systemDiana Fernandez
 
Presentation hippa
Presentation hippaPresentation hippa
Presentation hippamaggie_Platt
 

What's hot (20)

Hipaa slideshow
Hipaa slideshowHipaa slideshow
Hipaa slideshow
 
Health Information Privacy and Security (November 8, 2021)
Health Information Privacy and Security (November 8, 2021)Health Information Privacy and Security (November 8, 2021)
Health Information Privacy and Security (November 8, 2021)
 
Telemedicine: A Health Informatician's Point of View
Telemedicine: A Health Informatician's Point of ViewTelemedicine: A Health Informatician's Point of View
Telemedicine: A Health Informatician's Point of View
 
Electronic health records
Electronic health recordsElectronic health records
Electronic health records
 
Health Informatics
Health InformaticsHealth Informatics
Health Informatics
 
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...
 
Introduction to Health Informatics
Introduction to Health InformaticsIntroduction to Health Informatics
Introduction to Health Informatics
 
Overview on data privacy
Overview on data privacy Overview on data privacy
Overview on data privacy
 
Data protection
Data protectionData protection
Data protection
 
Health Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability ActHealth Insurance and Portability and Accountability Act
Health Insurance and Portability and Accountability Act
 
HIPAA Complaince
HIPAA ComplainceHIPAA Complaince
HIPAA Complaince
 
Presentation on GDPR
Presentation on GDPRPresentation on GDPR
Presentation on GDPR
 
HIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGYHIPAA AND INFORMATION TECHNOLOGY
HIPAA AND INFORMATION TECHNOLOGY
 
Electronic Health Records (ITCS404: IT for Healthcare Services)
Electronic Health Records (ITCS404: IT for Healthcare Services)Electronic Health Records (ITCS404: IT for Healthcare Services)
Electronic Health Records (ITCS404: IT for Healthcare Services)
 
Health Informatics for Clinical Research (November 25, 2021)
Health Informatics for Clinical Research (November 25, 2021)Health Informatics for Clinical Research (November 25, 2021)
Health Informatics for Clinical Research (November 25, 2021)
 
HIPAA
HIPAAHIPAA
HIPAA
 
Data Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethicsData Privacy: What you need to know about privacy, from compliance to ethics
Data Privacy: What you need to know about privacy, from compliance to ethics
 
Information security
Information securityInformation security
Information security
 
Health information security system
Health information security systemHealth information security system
Health information security system
 
Presentation hippa
Presentation hippaPresentation hippa
Presentation hippa
 

Viewers also liked

HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessmentdata brackets
 
Sujobinterview 090508185333 Phpapp01
Sujobinterview 090508185333 Phpapp01Sujobinterview 090508185333 Phpapp01
Sujobinterview 090508185333 Phpapp01Wlovelady
 
Hipaa and him security brunelle
Hipaa and him security brunelleHipaa and him security brunelle
Hipaa and him security brunellesjbusnpa
 
Skapa värden med kundmötet
Skapa värden med kundmötetSkapa värden med kundmötet
Skapa värden med kundmötetMartin Moström
 
SISA Collaboration without boundaries
SISA Collaboration without boundariesSISA Collaboration without boundaries
SISA Collaboration without boundariesSitra / Hyvinvointi
 
Selling Data Security Technology
Selling Data Security TechnologySelling Data Security Technology
Selling Data Security TechnologyFlaskdata.io
 
Information security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation Technology Society Nepal
 

Viewers also liked (10)

Hipaa risk analysis_1.4
Hipaa risk analysis_1.4Hipaa risk analysis_1.4
Hipaa risk analysis_1.4
 
New trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & MobileNew trends in Payments Security: NFC & Mobile
New trends in Payments Security: NFC & Mobile
 
HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessment
 
Sujobinterview 090508185333 Phpapp01
Sujobinterview 090508185333 Phpapp01Sujobinterview 090508185333 Phpapp01
Sujobinterview 090508185333 Phpapp01
 
Hipaa and him security brunelle
Hipaa and him security brunelleHipaa and him security brunelle
Hipaa and him security brunelle
 
Skapa värden med kundmötet
Skapa värden med kundmötetSkapa värden med kundmötet
Skapa värden med kundmötet
 
SISA Collaboration without boundaries
SISA Collaboration without boundariesSISA Collaboration without boundaries
SISA Collaboration without boundaries
 
Selling Data Security Technology
Selling Data Security TechnologySelling Data Security Technology
Selling Data Security Technology
 
HIPAA security risk assessments
HIPAA security risk assessmentsHIPAA security risk assessments
HIPAA security risk assessments
 
Information security: importance of having defined policy & process
Information security: importance of having defined policy & processInformation security: importance of having defined policy & process
Information security: importance of having defined policy & process
 

Similar to Understanding the Importance of HIPAA Compliance

HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceJay Hodes
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceJim Anfield
 
Navigating Healthcare Compliance: A Guide to HIPAA Certification
Navigating Healthcare Compliance: A Guide to HIPAA CertificationNavigating Healthcare Compliance: A Guide to HIPAA Certification
Navigating Healthcare Compliance: A Guide to HIPAA CertificationShyamMishra72
 
HIPAA Panel Discussion
HIPAA Panel Discussion HIPAA Panel Discussion
HIPAA Panel Discussion Dan Wellisch
 
HIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesHIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesNisos Health
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit ImplementationValency Networks
 
Mha 690 ppt hipaa for healthcare professionals
Mha 690 ppt hipaa for healthcare professionalsMha 690 ppt hipaa for healthcare professionals
Mha 690 ppt hipaa for healthcare professionalslee5lee
 
Connectria Hosting- HIPAA Compliant Hosting Services
Connectria Hosting- HIPAA Compliant Hosting ServicesConnectria Hosting- HIPAA Compliant Hosting Services
Connectria Hosting- HIPAA Compliant Hosting ServicesConnectria
 
Week 1 discussion 2 hipaa and privacy training
Week 1 discussion 2 hipaa and privacy trainingWeek 1 discussion 2 hipaa and privacy training
Week 1 discussion 2 hipaa and privacy trainingvrgill22
 
Understanding the Importance of HIPAA Compliance in Medical Billing Software.pdf
Understanding the Importance of HIPAA Compliance in Medical Billing Software.pdfUnderstanding the Importance of HIPAA Compliance in Medical Billing Software.pdf
Understanding the Importance of HIPAA Compliance in Medical Billing Software.pdfOmniMD Healthcare
 
HIPPA---Chantel Artis Spencer
HIPPA---Chantel Artis SpencerHIPPA---Chantel Artis Spencer
HIPPA---Chantel Artis Spencershay1234
 
how to really implement hipaa presentation
how to really implement hipaa presentationhow to really implement hipaa presentation
how to really implement hipaa presentationProvider Resources Group
 
PSOW 2016 - HIPAA Compliance for EMS Community
PSOW 2016 - HIPAA Compliance for EMS CommunityPSOW 2016 - HIPAA Compliance for EMS Community
PSOW 2016 - HIPAA Compliance for EMS CommunityPSOW
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMBMeHealthCareSolutions
 
Privacy-Security-Training-Session-Template-4.6.21.pptx
Privacy-Security-Training-Session-Template-4.6.21.pptxPrivacy-Security-Training-Session-Template-4.6.21.pptx
Privacy-Security-Training-Session-Template-4.6.21.pptxMohammadBashir26
 
Explaining the HIPAA Privacy[.docx
Explaining the HIPAA Privacy[.docxExplaining the HIPAA Privacy[.docx
Explaining the HIPAA Privacy[.docxVistaInfosec
 
Does your Mobile App require HIPAA Compliance.pdf
Does your Mobile App require HIPAA Compliance.pdfDoes your Mobile App require HIPAA Compliance.pdf
Does your Mobile App require HIPAA Compliance.pdfShelly Megan
 
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdfHIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdfSuccessiveDigital
 

Similar to Understanding the Importance of HIPAA Compliance (20)

HIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of ComplianceHIPAA - Understanding the Basics of Compliance
HIPAA - Understanding the Basics of Compliance
 
Hipaa for business associates simple
Hipaa for business associates simpleHipaa for business associates simple
Hipaa for business associates simple
 
The Startup Path to HIPAA Compliance
The Startup Path to HIPAA ComplianceThe Startup Path to HIPAA Compliance
The Startup Path to HIPAA Compliance
 
Navigating Healthcare Compliance: A Guide to HIPAA Certification
Navigating Healthcare Compliance: A Guide to HIPAA CertificationNavigating Healthcare Compliance: A Guide to HIPAA Certification
Navigating Healthcare Compliance: A Guide to HIPAA Certification
 
HIPAA Panel Discussion
HIPAA Panel Discussion HIPAA Panel Discussion
HIPAA Panel Discussion
 
HIPAA Compliance For Small Practices
HIPAA Compliance For Small PracticesHIPAA Compliance For Small Practices
HIPAA Compliance For Small Practices
 
HIPAA Audit Implementation
HIPAA Audit ImplementationHIPAA Audit Implementation
HIPAA Audit Implementation
 
Mha 690 ppt hipaa for healthcare professionals
Mha 690 ppt hipaa for healthcare professionalsMha 690 ppt hipaa for healthcare professionals
Mha 690 ppt hipaa for healthcare professionals
 
HIPAA Basics by Brian Fleetham
HIPAA Basics by Brian FleethamHIPAA Basics by Brian Fleetham
HIPAA Basics by Brian Fleetham
 
Connectria Hosting- HIPAA Compliant Hosting Services
Connectria Hosting- HIPAA Compliant Hosting ServicesConnectria Hosting- HIPAA Compliant Hosting Services
Connectria Hosting- HIPAA Compliant Hosting Services
 
Week 1 discussion 2 hipaa and privacy training
Week 1 discussion 2 hipaa and privacy trainingWeek 1 discussion 2 hipaa and privacy training
Week 1 discussion 2 hipaa and privacy training
 
Understanding the Importance of HIPAA Compliance in Medical Billing Software.pdf
Understanding the Importance of HIPAA Compliance in Medical Billing Software.pdfUnderstanding the Importance of HIPAA Compliance in Medical Billing Software.pdf
Understanding the Importance of HIPAA Compliance in Medical Billing Software.pdf
 
HIPPA---Chantel Artis Spencer
HIPPA---Chantel Artis SpencerHIPPA---Chantel Artis Spencer
HIPPA---Chantel Artis Spencer
 
how to really implement hipaa presentation
how to really implement hipaa presentationhow to really implement hipaa presentation
how to really implement hipaa presentation
 
PSOW 2016 - HIPAA Compliance for EMS Community
PSOW 2016 - HIPAA Compliance for EMS CommunityPSOW 2016 - HIPAA Compliance for EMS Community
PSOW 2016 - HIPAA Compliance for EMS Community
 
Mbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk AssessmentMbm Hipaa Hitech Ss Compliance Risk Assessment
Mbm Hipaa Hitech Ss Compliance Risk Assessment
 
Privacy-Security-Training-Session-Template-4.6.21.pptx
Privacy-Security-Training-Session-Template-4.6.21.pptxPrivacy-Security-Training-Session-Template-4.6.21.pptx
Privacy-Security-Training-Session-Template-4.6.21.pptx
 
Explaining the HIPAA Privacy[.docx
Explaining the HIPAA Privacy[.docxExplaining the HIPAA Privacy[.docx
Explaining the HIPAA Privacy[.docx
 
Does your Mobile App require HIPAA Compliance.pdf
Does your Mobile App require HIPAA Compliance.pdfDoes your Mobile App require HIPAA Compliance.pdf
Does your Mobile App require HIPAA Compliance.pdf
 
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdfHIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
HIPAA-Compliant App Development Guide for the Healthcare Industry.pdf
 

Recently uploaded

Russian Escorts Delhi | 9711199171 | all area service available
Russian Escorts Delhi | 9711199171 | all area service availableRussian Escorts Delhi | 9711199171 | all area service available
Russian Escorts Delhi | 9711199171 | all area service availablesandeepkumar69420
 
Call Girls Hyderabad Krisha 9907093804 Independent Escort Service Hyderabad
Call Girls Hyderabad Krisha 9907093804 Independent Escort Service HyderabadCall Girls Hyderabad Krisha 9907093804 Independent Escort Service Hyderabad
Call Girls Hyderabad Krisha 9907093804 Independent Escort Service Hyderabaddelhimodelshub1
 
Call Girls LB Nagar 7001305949 all area service COD available Any Time
Call Girls LB Nagar 7001305949 all area service COD available Any TimeCall Girls LB Nagar 7001305949 all area service COD available Any Time
Call Girls LB Nagar 7001305949 all area service COD available Any Timedelhimodelshub1
 
Russian Call Girls in Hyderabad Ishita 9907093804 Independent Escort Service ...
Russian Call Girls in Hyderabad Ishita 9907093804 Independent Escort Service ...Russian Call Girls in Hyderabad Ishita 9907093804 Independent Escort Service ...
Russian Call Girls in Hyderabad Ishita 9907093804 Independent Escort Service ...delhimodelshub1
 
Call Girls Kukatpally 7001305949 all area service COD available Any Time
Call Girls Kukatpally 7001305949 all area service COD available Any TimeCall Girls Kukatpally 7001305949 all area service COD available Any Time
Call Girls Kukatpally 7001305949 all area service COD available Any Timedelhimodelshub1
 
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591adityaroy0215
 
Escorts in Gurgaon Aarohi 9711199171 VIP Call Girl in Gurgaon Personal Number
Escorts in Gurgaon Aarohi 9711199171 VIP Call Girl in Gurgaon Personal NumberEscorts in Gurgaon Aarohi 9711199171 VIP Call Girl in Gurgaon Personal Number
Escorts in Gurgaon Aarohi 9711199171 VIP Call Girl in Gurgaon Personal NumberCall Girls Service Gurgaon
 
VIP Call Girls Hyderabad Megha 9907093804 Independent Escort Service Hyderabad
VIP Call Girls Hyderabad Megha 9907093804 Independent Escort Service HyderabadVIP Call Girls Hyderabad Megha 9907093804 Independent Escort Service Hyderabad
VIP Call Girls Hyderabad Megha 9907093804 Independent Escort Service Hyderabaddelhimodelshub1
 
Russian Call Girls in Raipur 9873940964 Book Hot And Sexy Girls
Russian Call Girls in Raipur 9873940964 Book Hot And Sexy GirlsRussian Call Girls in Raipur 9873940964 Book Hot And Sexy Girls
Russian Call Girls in Raipur 9873940964 Book Hot And Sexy Girlsddev2574
 
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...ggsonu500
 
Call Girls Madhapur 7001305949 all area service COD available Any Time
Call Girls Madhapur 7001305949 all area service COD available Any TimeCall Girls Madhapur 7001305949 all area service COD available Any Time
Call Girls Madhapur 7001305949 all area service COD available Any Timedelhimodelshub1
 
Gurgaon Sector 90 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 90 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...Gurgaon Sector 90 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 90 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...ggsonu500
 
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service GoaRussian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goanarwatsonia7
 
Call Girls Secunderabad 7001305949 all area service COD available Any Time
Call Girls Secunderabad 7001305949 all area service COD available Any TimeCall Girls Secunderabad 7001305949 all area service COD available Any Time
Call Girls Secunderabad 7001305949 all area service COD available Any Timedelhimodelshub1
 
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...High Profile Call Girls Chandigarh Aarushi
 
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...High Profile Call Girls Chandigarh Aarushi
 
Leading transformational change: inner and outer skills
Leading transformational change: inner and outer skillsLeading transformational change: inner and outer skills
Leading transformational change: inner and outer skillsHelenBevan4
 

Recently uploaded (20)

Russian Escorts Delhi | 9711199171 | all area service available
Russian Escorts Delhi | 9711199171 | all area service availableRussian Escorts Delhi | 9711199171 | all area service available
Russian Escorts Delhi | 9711199171 | all area service available
 
Call Girls Hyderabad Krisha 9907093804 Independent Escort Service Hyderabad
Call Girls Hyderabad Krisha 9907093804 Independent Escort Service HyderabadCall Girls Hyderabad Krisha 9907093804 Independent Escort Service Hyderabad
Call Girls Hyderabad Krisha 9907093804 Independent Escort Service Hyderabad
 
VIP Call Girls Lucknow Isha 🔝 9719455033 🔝 🎶 Independent Escort Service Lucknow
VIP Call Girls Lucknow Isha 🔝 9719455033 🔝 🎶 Independent Escort Service LucknowVIP Call Girls Lucknow Isha 🔝 9719455033 🔝 🎶 Independent Escort Service Lucknow
VIP Call Girls Lucknow Isha 🔝 9719455033 🔝 🎶 Independent Escort Service Lucknow
 
Call Girls LB Nagar 7001305949 all area service COD available Any Time
Call Girls LB Nagar 7001305949 all area service COD available Any TimeCall Girls LB Nagar 7001305949 all area service COD available Any Time
Call Girls LB Nagar 7001305949 all area service COD available Any Time
 
Russian Call Girls in Hyderabad Ishita 9907093804 Independent Escort Service ...
Russian Call Girls in Hyderabad Ishita 9907093804 Independent Escort Service ...Russian Call Girls in Hyderabad Ishita 9907093804 Independent Escort Service ...
Russian Call Girls in Hyderabad Ishita 9907093804 Independent Escort Service ...
 
Call Girls Kukatpally 7001305949 all area service COD available Any Time
Call Girls Kukatpally 7001305949 all area service COD available Any TimeCall Girls Kukatpally 7001305949 all area service COD available Any Time
Call Girls Kukatpally 7001305949 all area service COD available Any Time
 
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591
VIP Call Girl Sector 25 Gurgaon Just Call Me 9899900591
 
Escorts in Gurgaon Aarohi 9711199171 VIP Call Girl in Gurgaon Personal Number
Escorts in Gurgaon Aarohi 9711199171 VIP Call Girl in Gurgaon Personal NumberEscorts in Gurgaon Aarohi 9711199171 VIP Call Girl in Gurgaon Personal Number
Escorts in Gurgaon Aarohi 9711199171 VIP Call Girl in Gurgaon Personal Number
 
College Call Girls Dehradun Kavya 🔝 7001305949 🔝 📍 Independent Escort Service...
College Call Girls Dehradun Kavya 🔝 7001305949 🔝 📍 Independent Escort Service...College Call Girls Dehradun Kavya 🔝 7001305949 🔝 📍 Independent Escort Service...
College Call Girls Dehradun Kavya 🔝 7001305949 🔝 📍 Independent Escort Service...
 
VIP Call Girls Hyderabad Megha 9907093804 Independent Escort Service Hyderabad
VIP Call Girls Hyderabad Megha 9907093804 Independent Escort Service HyderabadVIP Call Girls Hyderabad Megha 9907093804 Independent Escort Service Hyderabad
VIP Call Girls Hyderabad Megha 9907093804 Independent Escort Service Hyderabad
 
Russian Call Girls in Raipur 9873940964 Book Hot And Sexy Girls
Russian Call Girls in Raipur 9873940964 Book Hot And Sexy GirlsRussian Call Girls in Raipur 9873940964 Book Hot And Sexy Girls
Russian Call Girls in Raipur 9873940964 Book Hot And Sexy Girls
 
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 68 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
 
Call Girls Madhapur 7001305949 all area service COD available Any Time
Call Girls Madhapur 7001305949 all area service COD available Any TimeCall Girls Madhapur 7001305949 all area service COD available Any Time
Call Girls Madhapur 7001305949 all area service COD available Any Time
 
Gurgaon Sector 90 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 90 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...Gurgaon Sector 90 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
Gurgaon Sector 90 Call Girls ( 9873940964 ) Book Hot And Sexy Girls In A Few ...
 
Call Girl Guwahati Aashi 👉 7001305949 👈 🔝 Independent Escort Service Guwahati
Call Girl Guwahati Aashi 👉 7001305949 👈 🔝 Independent Escort Service GuwahatiCall Girl Guwahati Aashi 👉 7001305949 👈 🔝 Independent Escort Service Guwahati
Call Girl Guwahati Aashi 👉 7001305949 👈 🔝 Independent Escort Service Guwahati
 
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service GoaRussian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
Russian Call Girls in Goa Samaira 7001305949 Independent Escort Service Goa
 
Call Girls Secunderabad 7001305949 all area service COD available Any Time
Call Girls Secunderabad 7001305949 all area service COD available Any TimeCall Girls Secunderabad 7001305949 all area service COD available Any Time
Call Girls Secunderabad 7001305949 all area service COD available Any Time
 
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
 
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
 
Leading transformational change: inner and outer skills
Leading transformational change: inner and outer skillsLeading transformational change: inner and outer skills
Leading transformational change: inner and outer skills
 

Understanding the Importance of HIPAA Compliance

  • 1. Understanding HIPAA Impact and Importance in Information Security…. Manasdeep (manasdeeps@gmail.com)
  • 2. #aboutme • Information Security Consultant • Interested in Compliance and Penetration Testing • Have a flair in writing for Information Security • Like to learn and demonstrate latest security attack vectors and technologies
  • 3. Agenda • What is HIPAA? • Why HIPAA was needed? • Who are the covered entities (CE) and Business Associates (BA) ? • Three Pillars of HIPAA Compliance • Critical success factor for achieving HIPAA compliance • Actions to Reduce Liability & Risks • Q&A
  • 5. HIPAA Components in Focus HIPAA is the Federal Health Insurance Portability and Accountability Act of 1996. Administered by the U.S. Department of Health and Human Services (HHS). Implementation and civil enforcement are overseen by the HHS Office for Civil Rights (OCR). HIPAA Privacy Rule, protects the privacy of individually identifiable health information; HIPAA Security Rule sets national standards for the security of electronic protected health information; HIPAA Breach Notification Rule, which requires covered entities and business associates to provide notification following a breach of unsecured protected health information
  • 6. Why HIPAA was needed? 1. Insurance companies denied coverage to employees that had a pre-existing condition, even if employees were previously covered by another employer. 2. No standardization for billing formats and codes used to file claims 3. No standardization for billing formats and codes used to file claims Basic information, such as patient name and treatment date, was formatted differently by each payer 4. Insurance coding was very complex, there were many errors Companies often rejected many claims and delayed payments to providers High cost for administration HL7, ICD-10
  • 7. HIPAA Protects…… Individuals‘ personally identifiable health information.  Health conditions – diagnosis, test results  Demographic information – name, address, gender  Clinical data – vital signs, lab results, etc.  Treatments & procedures  Billing and payment information Protected health information (PHI) which is:  Transmitted by electronic media;  Maintained in electronic media; or  Transmitted or maintained in any other form or medium.
  • 8. Pillars of HIPAA Privacy Rule  Notice of privacy practices  Rights over PHI  Access to PHI  Uses and disclosures  Accounting of disclosures Security Rule  Administrative  Physical  Technical Breach notification requirements for:  Covered Entities (CE) and  Business Associates (BA) Breach Notification Rule
  • 9. Extent of HIPAA Applicabilty Covered Entities Any healthcare organization that stores, processes, or transmits personal health information Entity that involve the use or disclosure of protected health information on behalf of, or provides services to, a covered entity. Business Associates Business associate services can be in : legal; actuarial; accounting; consulting; data aggregation; management; administrative; accreditation; and financial. Covered Entities can be: Health Plan Health Care Provider Health Care Clearinghouse
  • 10. Breach Notification What to do? • Risk Assessment of Breach • Notification to Individuals impacted by breach • within 60 days of discovery of a breach • It depends by State law, too Focus on: • Content of Notification • Notification to the media • Notification to the Secretary • Notification by a business associate • Law enforcement delay • Burden of Proof HHS – “Wall of Shame” https://ocrportal.hhs.gov/ocr/breach/breach_r eport.jsf
  • 11. THANK YOU !! - Manasdeephttp://reflect-infosec.blogspot.in/ https://twitter.com/manasdeep https://in.linkedin.com/in/manasdeep