Abstract
The confidentiality, integrity and availability of patient information are intrinsic requirements of hospital services, and computerization is increasing day by day. The purpose of this essay is to define a process by which a health care organization can adopt a HIPAA approach.
Background
HIPAA was approved by the US Congress in 1996. Health care providers and other handlers of ePHI (electronic protected health information), such as medical records and patient accounts, must meet some basic standards. The HIPAA security provisions comprise three different sets of requirements, each of which lists specific safeguards, such as:
• Administrative safeguards contain rules that set and enforce business privacy policies
Developers implement the principle of least privilege and perform meticulous error handling to minimize the risk of privilege escalation. All confidential information must use an integrity-checking mechanism, such as HMAC-SHA1 or a digital signature, to limit the risk of violation.
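An added example (not part of the original essay) of the integrity mechanism named above: an HMAC tag computed over a canonical serialization of a record and verified in constant time. It defaults to HMAC-SHA256 rather than the HMAC-SHA1 mentioned in the text (pass `digest="sha1"` for the latter); the key, the record fields and the function names are constructed for illustration.

```python
import hmac
import json

# Constructed demo key; a real deployment loads the key from a key store.
DEMO_KEY = b"constructed-demo-key-0123456789abcdef"


def canonical(record):
    """Serialize deterministically so equal records always give equal bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def seal(key, record, digest="sha256"):
    """Return the record together with an HMAC tag over its canonical form."""
    tag = hmac.new(key, canonical(record), digest).hexdigest()
    return {"record": record, "tag": tag}


def verify(key, sealed, digest="sha256"):
    """True only if the tag matches; malformed input is rejected, not raised."""
    try:
        claimed = bytes.fromhex(sealed["tag"])
        # The verifier picks the digest itself and never reads it from the input.
        expected = hmac.new(key, canonical(sealed["record"]), digest).digest()
    except (KeyError, TypeError, ValueError):
        return False
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(claimed, expected)


if __name__ == "__main__":
    # Constructed sample record, not real patient data.
    sealed = seal(DEMO_KEY, {"patient_id": "P-0001", "allergy": "penicillin"})
    print("untouched:", verify(DEMO_KEY, sealed))
    sealed["record"]["allergy"] = "none"
    print("modified: ", verify(DEMO_KEY, sealed))
```

An HMAC tag detects modification only by parties who do not hold the key; where the verifier must not be able to forge tags, the digital signature the text mentions is the alternative.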
Availability: Since record owners are granted the right of access to their own records, a lack of service availability may result in a breach of HIPAA compliance. Developers design systems to handle errors properly and resist denial-of-service attacks. Event logs must contain enough information to reconstruct system activity up to the point of failure so that the error can be quickly corrected.
Conclusion:
Before HIPAA was enacted, clients' personal information that accumulated in several private databases was treated as the property of the organization that owned the database. The main concept underlying HIPAA is the notion that database owners are not necessarily the owners of the data contained therein; they are only intermediaries. It is a fundamental paradigm shift, as an HIPAA-compliant organization, that has the owners of the records