August 20, 2009
HIPAA and Email Security: An Update on the Latest Healthcare Privacy Regulations
One of the less widely reported findings from our latest research on data exposure risks in today's enterprise is that more than 56% of large organizations are highly concerned about protecting the confidentiality of private healthcare information in outbound email... And that's out of all companies, regardless of whether they are in the healthcare industry or not.
Companies are right to be concerned about this issue because HIPAA regulations now apply to more organizations than ever.
As discussed in our new whitepaper, HIPAA and Beyond: An Update on Healthcare Security Regulations for Email, the recently passed stimulus bill, the American Recovery and Reinvestment Act (ARRA) of 2009, includes new, stiffer regulations for protecting patient data in email.
The so-called "HITECH" provisions (Health Information Technology for Economic and Clinical Health Act) included in the stimulus bill broaden the scope of HIPAA to cover all business associates of healthcare organizations. This means that any accounting firm, legal firm, IT consultancy, or other business partner of a HIPAA-covered entity must now also comply with HIPAA security mandates to protect private healthcare information (PHI).
And states such as Nevada and Massachusetts have recently passed their own laws for data security and data breach notifications that affect any healthcare organization (or other type of enterprise) with patients (or customers) in those states. You can learn more about these issues by reading the full whitepaper.
To download a copy, visit: HIPAA and Beyond: An Update on Healthcare Security Regulations for Email


I like your thoughts. Can you send me a link to your other posts?
Justin Davis
Internet Filter
Posted by: Justin Davis | August 27, 2009 at 02:06 PM