HIPAA Final Rule: Breach Notification Guidance Safe Harbor

January 30, 2013.  Today, we look at the definition of unsecured protected health information and the Guidance Specifying the Technologies and Methodologies that Render Protected Health Information Unusable , Unreadable, or Indecipherable to Unauthorized Individuals [“Guidance”] as discussed in the January 25, 2013 Final Rule: Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules under the Health Information Technology for Economic and Clinical Health Act [HITECH Act]; Other Modifications to the HIPAA Rules.  The Final Rule becomes effective on March 26, 2013, and requires compliance by covered entities and business associates on September 23, 2013. Here is the definition of unsecured protected health information: “protected health information that is…

READ MORE

Three Key Properties of HIPAA Privacy and Security of Protected Health Information

HIPAA.com has received from its readers requests for information on topics related to HIPAA Administrative Simplification Privacy and Security Rules and to updates to those rules reflected in the HITECH Act provisions of the American Recovery and Reinvestment Act of 2009, signed by President Obama on February 17, 2009.  Recently, HIPAA.com answered the question of particular interest to several readers:  what exactly is protected health information (PHI)?  In this posting, we answer the question:  what are the fundamental properties that underlie privacy and security of protected health information? Three Key Properties The three key properties that underpin privacy and security under the Health Insurance Portability and Accountability Act (HIPAA) are availability,…

READ MORE