What Every CIO Needs to Know About HIPAA Compliance
Source: eEye Digital Security
Compliance with HIPAA is mandatory, and violators face up to $250,000 in fines and jail time of up to 10 years. HIPAA regulations are intended to protect data such as a patient's medical records and personal healthcare information. HIPAA affects organizations that transmit protected health information in electronic form (e.g., health plans, healthcare clearinghouses and healthcare providers). The law requires healthcare organizations to implement a wide variety of safeguards and security best practices in order to adequately protect customer data. Full compliance requires that these entities understand the threats and liabilities and take proactive measures to maintain reasonable and appropriate safeguards in three areas: administrative, physical and technical.