Health Information Privacy and Security
摘要
This chapter provides a review of the regulations governing the privacy and security of protected health information (PHI). Health Insurance Portability and Accountability Act of 1996 (HIPAA) spells out everyone’s rights under the Privacy Rule and how those rights are protected under the Security Rule. The Breach Notification Rule defines violations of these HIPAA Rules and the Enforcement Rule specifies the consequences of these violations. HIPAA also specifies the Covered Entities and their Business Associates, who must follow these regulations, and how they can use PHI. Finally, HITECH provides regulations that further govern the security of electronic PHI as threats and risks evolve in the ever-changing information technology environment.