The Security Corner
While the Privacy Rule pertains to all protected health
information (PHI) including paper and electronic,
the Security Rule deals specifically with electronic
protected health information (EPHI). It lays out three
types of security safeguards required for compliance:
administrative, physical, and technical. For each of these
types, the rule identifies various security standards, and
for each standard it names both required and addressable
implementation specifications.
Required specifications must be adopted and
administered as dictated by the rule. Addressable
specifications are more flexible. Individual covered
entities can evaluate each situation and determine the
best way to implement addressable specifications.
The important thing to do if you suspect a breach has
occurred is to notify the proper authorities immediately.
Here at NSU, there are several ways to ensure that you
have reported a suspected breach properly.
Call the NSU HIPAA Security Officer at (954) 262-4643.
Call the HIPAA Security Team Hotline at (954) 262-0448.
Call the NSU Privacy Officer directly at (954)262-4302.
Call the Anonymous Compliance Hotline at 888-609-NOVA
(6682) toll free, (available 24 hours a day, 7 days a week).
The NSU Chief Information Security Officer/NSU HIPAA
Security Officer is available if you have questions about
HIPAA Security. This includes questions on existing
processes or functions you perform as well as new
processes, programs, or initiatives you are considering
that involve patients and electronic PHI. You can contact
John Christly at (954) 262-4643 or via email at
.
To view the complete version of the 2013 Updated HIPAA
Security Information form, click here:
/cwis/oit/forms/hipaa-security.pdf.
The HIPAA Security Rule
requires covered providers to
implement security measures,
which help protect patients’
privacy by creating the
conditions for patient health
information to be available,
but not be improperly used or
disclosed.
/
7
