HIPAA Defined

Health Insurance Portability and Accountability Act of 1996 (HIPAA) is United States legislation that provides data privacy and security provisions for safeguarding medical information. HIPAA requires healthcare providers – including doctors, clinics, hospitals, nursing homes, and pharmacies – to assess their administrative, physical, and technical safeguards to reveal areas where the organization’s information could be at risk.

A major goal of HIPAA is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high-quality health care. HIPAA rules are designed to strike a balance that permits important uses of information, while protecting the privacy of people who seek care and healing.

The Department of Health and Human Services requires all organizations handling protected health information to conduct a risk analysis as the first step toward implementing safeguards specified in the HIPAA Security Rule and ultimately achieving HIPAA compliance. Health and Human Services can impose significant monetary penalties for violations and failures to comply.

Partner with WhiteHat Security today to improve your mHealth security posture!