The privacy and security of Protected Health Information (PHI) is a top priority for patients and their families, health care providers, health care professionals, and the government. Federal laws require Covered Entities and their Business Associates that handle PHI to have policies and security safeguards in place to protect all health information — whether it is stored on paper or electronically.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is the main Federal law that protects health information. The HIPAA Privacy and Security Rules protect the privacy and security of individually identifiable health information. HIPAA Rules have detailed requirements regarding both privacy and security.

The HIPAA Privacy Rule covers PHI in any medium, while the HIPAA Security Rule covers electronic Protected Health Information (ePHI).

For more information on HIPAA basics for consumers, providers and regulators visit HealthIT.gov HIPAA Basics.

Security and compliance are first and foremost in the management of our clients' systems. After conducting thousands of SRAs, common vulnerabilities began to emerge. We launched HIPAA Tip Tuesday to make clients aware of what actions they can take to address these vulnerabilities.

Dawn Meglino
HIPAA Compliance Office
StratX IT Solutions
dmeglino@stratxit.com
(914) 683-0005 Ext. 2108 - Work | (914) 646-2974 - Mobile