Question

Discuss the use of email as it may relate to HIPAA violations?

Answer 1

HIPAA-HEALTH INSURANCE PROBABILITY AND ACCOUNTABILITY ACT

It is a legisaltion that provides data privacy and security provisions for safeguarding medical information.

it was started because of fear of data breach caused by cyber attacks and ransomware attacks on health insurers and providers

ADVANTAGES:

--PROVIDES CONTINUOUS HEALTH INSURANCE COVERAGE FOR WORKERS

--REDUCES ADMINISTRATIVE BURDEN

--REDUCES HEALTH CARE WORK

--STANDARDISES ADMINISTRATIVE AND FINANCIAL TRANSACTIONS

HIPAA PRIVACY RULE:

These are the standards to protect patients personal or protacted health information (PHI)

-HEALTH AND HUMAN SERVICE (HHS) ISSUED RULE TO LIMIT USE AND DISCLOSURE OF SENSITIVE PHI

-DOCTORS have to provide patients with account of each entity to which doctor discloses phi for billing and other admin purpose and hence privacy is provided.during this health info of pt still flows through proper channel.

-PATIENT also has a righ to receive their own PHI upon request

INFORMATION PROTECTED:

-A PATIENT'S NAME,AGE,DATE OF BIRTH

- SOCIAL SECURITY NUMBER

-HIS PHYSICAL AND MENTAL HEALTH CONDITION

-ANY CARE PROVIDED TO PATIENT

-PAYMENT DETAILS WHICH WOULD DISCLOSE PATIENT'S DETAILS

-ANY OTHER DETAILS WHICH WOULD DISCLOSE PATIENT'S PERSONAL DATA

EMAIL AND HIPAA

HIPAA Security Rule does not expressly prohibit the use of email for sending e-PHI,but strict standards are to be followed to secure the details.

sender and receiver should have same encryption software(but it is a hard solution) but it has to be considered that emails are copied on to routing servers while in transit and they cannot be deleted.

new regulations stated that sending emails is an addressable regulation.HIPAA regulations for email do not ban sending ePHI by email,there is still an issue on how to send email and stay HIPAA compliant

RISK:Unauthorised person with the same encryption can gain access.