HIPAA applies to covered entities and their business associates that process or store electronic protected health information (ePHI) |
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), public law 104-191, required the Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information. In response, HHS published the HIPAA Privacy Rule, the HIPAA Security Rule and certain requirements for breach notification.
The Privacy Rule (45 CFR, Part 160 and Subparts A and E of Part 164), establishes standards for the protection of certain health information (PHI). The Security Rule (45 CFR, Part 160 and Subparts A and C of Part 164) establishes standards for protecting certain health information that is held or transferred in electronic form. The HIPAA Security Rule essentially covers the IT security implementation standards. Another part of HIPAA amended by the HITECH act requires to implement breach notification as specified by 45 CFR, Subpart D of Part 164, and IT department’s role is critical in being able to collect all data required to be included in breach notifications to the affected persons, media and the Secretary of HHS.
Action1 helps to address certain HIPAA compliance requirements from the HIPAA Security Rule and breach notification rule by automating your preparedness for audits. The aspects that are covered include sections 164.308 (Administrative Safeguards) and 164.312 (Technical Safeguards).
45 CFR 164.308: Administrative Safeguards
Administrative requirements for covered entities and business associates
45 CFR 164.312: Technical Safeguards
Technical requirements for covered entities and business associates
Sign-up for Action1 Free Edition to streamline compliance efforts for your network of endpoints. Such as you can simplify assessments of HIPAA Compliance for your internal or external auditors, create instant or regular compliance reports that prove your compliance while reducing the costs. Action1 Endpoint Security Platform is entirely SaaS, with online web interface (no management tools to install) and it has zero cost for basic functionality. Running in the Cloud, Action1 discovers all of your endpoints within seconds and allows you to pass compliance audits and maintain continuous compliance with ease.
Respond to Threatsin Real-Time
Ask questions in plain English such as "list of installed software" or "all running processes".
Get answers instantly from live systems or subscribe to real-time alerts.
Find more information on HIPAA Compliance
at Microsoft TechNet.