- In the News
- Information Center
- Client Testimonials
- Newsletter Subscriptions
- Events


Practice Strategies

Yes, But Is It HIPAA-Compliant?

Implementing an EMR solution certainly includes the need to address HIPAA security regulations. But the requirements are no greater than for a practice computer with confidential patient information stored on it.

The Issues

Network security — HIPAA requires system administrators to standardize record security on Local Area Networks (LAN), prohibiting unauthorized users from accessing patient information. In addition, HIPAA requires the ability to generate an accountability log defining when and who has accessed patient information.

Solution: Microsoft 2000 operating systems can provide LAN security at the highest

government level and maintain an accountability log.

Portable device security — Portable devices, such as a laptop computer, Tablet PC or

PDA, must have standardized security to prevent unauthorized access to confidential

patient information.

Solution: Look for a program that provides password security and encrypts confidential

data on a hard drive with 128-bit encryption (the highest security obtainable at this time).

E-mailing or faxing patient records — Without proper security precautions, unauthorized users can access e-mail or faxes, which violates HIPAA confidentiality rules.

Solution: Avoid faxing and use 128-bit encryption for e-mails, preventing the receiving

party from viewing the e-mail unless you have provided them the necessary password

information to unlock the email.

For critical matters of HIPAA compliance, turn to the team you can trust. Contact our office today for expert guidance in matters of risk analysis and implementation of HIPAA security safeguards.

For more information about our services to the healthcare industry, Contact:
Maxine Lawyer, Director of Healthcare Services at 972.448.6905.

The articles in this newsletter are general in nature and are not a substitute for accounting, legal, or other professional services. We assume no liability for the reader's reliance on this information. Before implementing any of the ideas contained in this publication, consult a professional advisor to determine whether they apply to your unique circumstances.
© 2004