HIPAA Compliance and FileSure

The Health Insurance Portability and Accountability Act (1996) and the Security Rule (2003), define all sorts of requirements intended to protect patients’ health information from unauthorized access, modification or theft.

While there are many sections and subsections in the HIPAA act, the sections of interest are 164.312 and 164.316.

Need to solve a different problem?

We have put together several videos to demonstrate how FileSure can help you with these sections.

Audit access to patient information Limit access to patient information Protect audit logs and record policy changes
Authentication by naming convention Protect against unauthorized transmission of patient information Keep all the logs for 6 years

Section 164.312

Audit access to patient information

Audit controls require mechanisms to examine activity in systems containing patient information.

Limit access to patient information

Access control requires policies and procedures limiting access to patient information to persons or software programs requiring the patient information to do their jobs.

Protect audit logs and record policy changes

Integrity requires policies and procedures that protect patient information from being altered or destroyed in any way.

Authentication by naming convention

Person or entity authentication requires implementation of measures to prevent unauthorized users from accessing patient information.

Protect against unauthorized transmission of patient information

Transmission security requires mechanisms to protect patient information that is being transmitted electronically from one organization to another.

Section 164.316

Keep all the logs for 6 years

Documentation requires that written or electronic records of policies and procedures implemented to comply with the security rule be maintained for a period of six years from the date of creation or the date when last in effect.