This article is more than 5 years old. Information may no longer be current.
‘Be prepared’ for April deadline of HIPAA security standards
Click Here to Manage Email Alerts
WAIKOLOA, Hawaii — Ophthalmology practices should be prepared for the April 1 deadline of the security standards of the Health Information Portability and Accountability Act, according to an attorney who specializes in health care law.
Allison Weber Shuren, MSN, JD, gave a primer on the HIPAA security standards here during the administrators’ program at Hawaii 2005, The Royal Hawaiian Eye Meeting.
“Compliance with the security standards takes organization, a competent IT expert and financial commitment,” Ms. Shuren said. She added that administrators should learn about what system will best fit their practices before purchasing an “exorbitantly expensive” program.
She said the security standards determine who can have access to the system and how the information can be used and disclosed. The standards also ensure that the information is available when needed and that access is limited only to those who are authorized.
“Every entity is expected to analyze its own systems for security risks and establish and document policies to address them,” Ms. Shuren said.
Ms. Shuren explained that there are three aspects to the security standards: confidentiality, so that records are accessible only to those who are authorized; integrity, so that the system cannot be altered or destroyed in an “unauthorized manner”; and accessibility, which is restricted to authorized people.
For a detailed description of the security standards, go to www.cms.hhs.gov/hipaa/hipaa2.