When going to your doctor you know that you need to sign a HIPAA form but how many of us understand whats behind what we are signing. The Health Insurance Portability and Accountability Act of 1996 establishes standards nationwide for protecting our health information that is held or transferred in electronic form. The days of our doctors coming into the office with the color coded manila folder and pen have been replaced with paperless offices. Doctors are carrying laptops or a computer is set up in the room, holding all of your medical history.
When you realize how many places your health information can go electronically, the need for security nationwide is imperative. However, the technology only makes the job of HIPAA compliance within each medical organization much more difficult.
Cell phones, smartphones, and tablets, are basically small laptops and most of the information that you can retrieve on your phone can also be retrieved on a computer.
With the use of WI-FI and open networks it can also be unsecure.
New HIPAA compliant messaging regulations are addressing the changes in technology and keeping your confidential health information from being breached. These changes affect the cost to medical organizations as they require extra training for staff, up to date policy and procedures for electronic devices, and the use of personal devices to access files. The loss alone of a personal cell phone of an employee that was used for work has to have a policy and procedure. This personal medical information is sensitive information and these medical organizations are required to stay compliant with HIPAA. These organizations are also required to conduct risk assessments to insure there are no threats to the integrity of these files.