New HIPAA rules increase data security stakes for health care providers

Nov 25th, 2013 / Category: Managed File Transfer

Since it was established in 1996, the Health Insurance Portability and Accountability Act (HIPAA) has imposed a variety of standards that health care providers must meet or risk facing fines and other sanctions. Among the most significant areas covered by this law is patient data. Under HIPAA, organizations must develop and maintain robust data protection efforts to ensure that patients' sensitive information remains safe at all times. This makes tools such as secure file transfer solutions invaluable for the health care sector as a whole.

Such data protection resources recently gained even more utility for these organizations. As Healthcare IT News reported, the new HIPAA Omnibus rule is now in effect, forcing health care providers to take even greater steps to ensure patient data is protected.

HIPAA and security
As the news source noted, the Department of Health and Human Services (HHS) considers the Omnibus rule, enacted in March, to be "the most sweeping changes to the Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules since they were first implemented."

Notably, this new rule forces health care providers to take more robust steps to guarantee that patient data is not exposed, lost or stolen. Furthermore, the HHS is authorized to levy fines of up to $1.5 million per incident in the event of a data breach which is found to have been caused by lax security policies.

This new standard is now fully in force. As the news source reported, this means that health care providers must conduct regular risk assessments, develop thorough policies and take a number of other steps for protecting patient data.

Data in danger
Considering the stakes, it is obviously in health care providers' best interests to adopt robust, proactive data security solutions that can minimize the risk of a data breach. According to Healthcare IT News, this should include a powerful focus on data transfers.

"Among the most vulnerable areas of a data breach involve responses to medical record requests from health plans," the news source explained. "Providers require HIPAA-compliant solutions that are able to securely capture and transmit electronic medical records, such as sending supporting documentation for medical review."

As is often the case, data in motion is more at-risk than data at rest, as it cannot remain behind a powerful firewall. Yet health care providers cannot avoid the need to send and receive sensitive information to health insurers, as well as other care providers.

That is why hospitals, doctors' offices, clinics and other health care organizations should consider investing in high-quality secure file transfer solutions. These tools can ensure that data remains fully protected at all times, even as it is traveling between organizations. This greatly reduces the risk of a data breach, and therefore helps health care providers avoid HIPAA-related fines and penalties without undermining these organizations' ability to operate quickly and efficiently.