Understanding the Security Rule in HIPAA: Inside Practice: July 2007

July 2007: Volume 6, Issue 6

Understanding the Security Rule in HIPAA

The Security Rule focuses on health information in electronic form. In specific, the Security Rule is designed to protect the integrity, confidentiality, and availability of electronic Protected Health Information (ePHI). The Security Rule requires entities covered by HIPAA (called “Covered Entities” here) to implement reasonable and appropriate administrative, physical, and technical safeguards to protect ePHI. These safeguards must secure ePHI while in the custody of Covered Entities, as well as in transit between such Covered Entities and others. Such safeguard must be adequate to ensure the confidentiality of the information. They must also protect against any reasonably anticipated threats and hazards to the security and integrity of the ePHI, and protect against unauthorized use or disclosure of ePHI. Therefore, assessing and managing risks are the primary challenges in HIPAA security compliance.

More information about the book A Guide to HIPAA Security and the Law

Related CLE

HIPAA Fundamentals
Given the intricate details of the HIPAA privacy and security rules, HIPAA Fundamentals was designed to familiarize healthcare lawyers with their essential components. This audio program highlights the key elements of the HIPAA privacy and security rules and provides an analysis of current issues arising from HIPAA's effects, obligations, and implications.

Featured Faculty: Marc D. Goldstone, Kimberly S. Gray, Kirk J. Nahra

Health Law Section, Young Lawyer’s Division, and the ABA Center for Continuing Legal Education

Excerpted from A Guide to HIPAA Security and the Law
Edited by Stephen Wu

ABA Section of Science & Technology Law

Back to July 2007 Inside Practice Index

Previous Issues of Inside Practice