The HIPAA security standards govern electronic protected health information (ePHI) that is maintained or transmitted electronically. Some specifications are required, while others are addressable. In this discussion, we will examine the HIPAA Security Rule.
To prepare for this Discussion, read Chapter 9, “Health Care Data,” of your course text Health Care Information Systems: A Practical Approach for Health Care Management.
For this Discussion, refer to the four Safeguards sections within the HIPAA Security Rule: the Administrative Safeguards; the Physical Safeguards; the Technical Safeguards; and the Policies, Procedures, and Documentation section that can be found in your course text.
- Summarize the intention of each of the sections in your own words.
- What do you think is the underlying issue that led to the development of each section? What are the problems, management dilemmas, or concerns that each addresses?
- Identify one way that the Security Rule is too restrictive for organizations and one way in which it is too general. How would you modify the rule to be more appropriate?