Regulatory Compliance, Governance and Security

Sep 26 2009   10:12PM GMT

HIPAA Security Rule | Another area for Data Center Compliance



As with the Privacy Rule, the Security Rule is also an important provision that data centers should be compliant with.

Security Rule: The Security Rule complements the Privacy Rule. While the Privacy Rule pertains to all Protected Health Information (PHI), both paper and electronic, the Security Rule deals specifically with Electronic Protected Health Information (EPHI). It essentially identifies the three types of security safeguards required for compliance:

• Administrative
• Physical
• Technical

EMR: Regarding Electronic Medical Records, the HIPAA Privacy Rule and Security Rule provisions essentially account for the safekeeping of EMRs. Thus, a HIPAA | EMR audit conducted in accordance with the HIPAA Privacy Rule and Security Rule would test the safeguards of EMRs, essentially including them in the scope of the audit.

And with the growth of data centers, co-location facilities, and other managed services entities, being compliant with HIPAA would be a smart move. Any organization that is physically housed in any data center would arguably require that very data center to be HIPAA compliant. Find a competent, well-skilled HIPAA auditor to assist you in this endeavor.

1  Comment on this Post

  • Gilby
    So how would the physical security portion of the requirements affect how data centers are designed, constructed and maintained?
