Your IT Guy Has Enough on His Plate Without Being the HIPAA Police

Rethinking IT
W H I T E P A P E R






Your IT Guy has Enough on His Plate
Without Being the HIPAA Police

The KBOX HIPAA Approach

Your IT Guy Has Enough on His Plate Without Being the HIPAA Police The KBOX HIPAA Approach TABLE OF CONTENTS Your IT Guy Has Enough on His Plate Without Being the HIPAA Police The KBOX HIPAA Approach HIPAA Security Rule Overview..................................................................... 3 The HIPAA Security Rule, Why Do I Care?.................................................... 3 Okay, I Get It. But the Security Rule deadline has passed and we have safeguards in place. Really we do............................................................... 4 Risks, Vulnerabilities, and IT Pain Points for HIPAA Security Rule Compliance ............................................................................................... 5 KBOX Capabilities & the HIPAA Security Rule................................................ 6 Conclusion................................................................................................14 The KACE for KBOX...................................................................................15
Copyright © 2006 KACE Networks, Inc. All rights reserved. 2 Your IT Guy Has Enough on His Plate Without Being the HIPAA Police The KBOX HIPAA Approach HIPAA Security Rule Overview
The compliance deadlines for the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Final Security Rule have come and gone. The deadline was April 21, 2005 for all covered entities, except small health plans which had until April 21, 2006, to comply.
While the HIPAA Privacy Rule covers protected health information (PHI) in all forms, the HIPAA Security Rule specifically applies only to PHI that is maintained, transformed, or transmitted in electronic form (e-PHI). The Security Rule is intended to ensure that covered entities meet the following objectives:
¾ Ensure the confidentiality, integrity and availability of all EPHI that the entity creates, receives, maintains, or transmits; ¾ Protect against any reasonably anticipated threats or hazards to the security or integrity of such information; ¾ Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under the Privacy Rule; and ¾ Ensure compliance by the entity's workforce.
The Security Rule presents major challenges for virtually every covered entity in the HIPAA environment, no matter how big or how small. Covered entities include health plans, health care clearinghouses, and healthcare providers. In addition, business partners and associates who interact with covered entities are forced to deal with the same security issues as covered entities. Savvy IT professionals know all too well the amount of work they face in supporting HIPAA compliance. And your IT guys have enough on their plates without assuming the role of HIPAA police. But when faced with a challenge, they also appreciate that adding technologies for HIPPA Security Rule compliance is an opportunity to make improvements in overall IT security that increase the organization's bottom-line. It gives you a unique opportunity to see how you can improve IT services, address business process issues, bolster systems performance and increase uptime of your infrastructure. IT professionals today must look to new challenges, such as HIPAA, as opportunities to leverage existing technologies - not only to achieve compliance, but to add more value to the overall business. KBOXT IT Management Suite by KACET can help you fulfill your HIPAA Security Rule requirements and improve overall control and performance of your IT infrastructure. KBOX uniquely supports IT teams in their HIPAA Security Rule efforts with an easy-to-use, comprehensive, and affordable solution. This solution addresses a wide range of "Required" and "Addressable" technical, physical, and administrative safeguards mandated by the HIPAA Security Rule.
The HIPAA Security Rule, Why Do I Care? Criminal penalties for HIPAA violations can include fines of up to $250,000 and 10 years in prison for the most serious of violations. Protecting patient information is serious business. You don't have to go further than... [download for more]