ELI5: HIPAA Compliant Servers
Quick Overview of HIPAA
The Privacy Rule
The Security Rule
- Administrative Safeguards: Policies and procedures designed to clearly show how the entity will comply with the act. Examples include privacy plans, compliance officers, "need to know", ongoing training, contingency plans, etc.
- Technical Safeguards: Technology, policies, and procedures that protect and control access to ePHI. Examples include encryption, authentication, configuration management, unauthorized change alerts, etc.
- Physical Safeguards: Physical measures, policies, and procedures to protect ePHI. Examples include proper disposal of equipment, scanning of equipment, placing screens out of view of a wandering eye, etc.
- required
- addressable
The Breach Notification Rule
Understanding the Nuances and Requirements for Setting up a Compliant Server
Requirement Number One:
Requirement Number Two:
Benefits of Using Outside HIPAA-Compliant Hosting Services
- You don't have to maintain servers yourself
- You share or transfer the risk with or to another company
- You don't have to purchase infrastructure and hardware
Drawbacks of Using Outside HIPAA-Compliant Hosting Services
- Very high costs
- Additional agreements may need to be drafted
- Additional considerations for application hosting may need to be discussed
References and Resources
5 Questions to ask your HIPAA Hosting Provider
HIPAA Compliant Hosting Explained
ELI5: HIPAA
3 Non-negotiable Security Practices for Clinical Information Systems