When the HIPAA Security Rule was first proposed in 1998, internet speeds would be considered lethargic by today’s standards — and medical records were in paper format.
A lot has changed in the decades since, except for the Security Rule.
Finalized in 2003, the rule establishes national standards for administrative, physical and technical safeguards that ensure the confidentiality and safety of electronic protected health information.
But I’m surprised to find that many people who talk about HIPAA compliance have never read the rule. Otherwise, they would know that a number of modern concerns go unaddressed.
Key words such as cyberattack, email, ransomware, phishing, smartphones, texting and virtual assistant do not appear. Other terms are vague or have dual meaning, raising the odds of misinterpretation or accidental noncompliance.
Continue reading at healthtechmagazine.net | #hipaa