Friday, November 6, 2009

HITECH Impact On Security (Miaoulis Writes)

Original Content - Posted by Bill Miaoulis.

A lot has been written about HITECH and the impact on the security efforts at healthcare organizations.  The changes with regards to security can be summed up in a few statements:
  • Breach Notification means organizations have to tell the world when they have a breach (self reporting on weak security controls?)
  • Criminal and Civil Penalties are more likely (enhanced enforcement) and have been increased significantly.
  • Business Associates and their employees must now comply with HIPAA
With notification, enhanced enforcment and increased penalties, all healthcare organizations should evaluate their current HIPAA compliance and their Security controls. 

It is always better to PREVENT a breach, then REPORT a breach.

No comments: