If you’ve been around the IT business world, there’s an increasing likelihood that you’ve run across the term HIPAA or HIPAA Compliant. Previously I wrote about how to break into the Healthcare IT niche and spoke about it on a podcast episode about Healthcare IT and HIPAA. Now, I’d like to explore exactly what it means to be HIPAA compliant.
So what does this have to do with IT professionals?
First, some definitions.
HIPAA (not HIPPA) is the Health Insurance Portability and Accountability Act. It was enacted on August 21, 1996 and signed into law by President Bill Clinton. If you were in the “working world” around that time you may recall the media coverage about how important it was that workers be able to carry their employer-paid insurance after separation of employment, at the employee's cost.
Along with health insurance portability, the law also created regulations to protect patient privacy. This patient information is usually referred to as PHI (Protected Health Information) or ePHI (Electronic Protected Health Information). You may even see it referred to as IIHI (Individually Identifiable Health Information).
PHI includes any IIHI that is transmitted by electronic media, maintained in electronic media, or transmitted or maintained in any other form or medium. In order to effectively protect PHI in electronic format, it is imperative that IT professionals understand what and who HIPAA pertains to.
Now that we know what all these acronyms mean, let’s figure out if any of this actually applies to you…