HIPAA, or the Health Insurance Portability and Accountability Act of 1996, sets guidelines for medical professionals as well as for the handling of medical records and information. With the advent of electronic medical records and online medical record databases, HIPAA-compliant medical billing software must meet many security standards to satisfy HIPAA guidelines.
Secure Web Server: HIPAA-compliant software uses SSL, or Secure Sockets Layer. When information is protected by SSL, no one but authorized users can access data. Information isn't stored unless secured. Modification isn't allowed without authorized access, and all changes are logged.
Database Encryption: Information, messages and patient files are encrypted. Encryption transforms readable words into code that cannot be decoded by somebody intercepting the data.
Secured Access Controls: User IDs and passwords are set up by an administrator and typically allow only one password change every 30 days. Moreover, password changes can be forced every 30 days to prevent access to secure files by somebody who observes the entering of a password.
Session Timeouts: Session timeouts are normally set from within the HIPAA-compliant software. Timeouts prevent information from sitting idle on the computer screen for passersby to read. Timeouts can be set with narrow limits on inactivity, such as 30 seconds or less. Longer timeouts may be allowed in clinical settings where unauthorized users have no access.
Monitoring of Server: Secure Sockets Layer, database encryption, secured access controls and session timeouts are important for the security of patient information and files, but they do not stop hackers from attempting to infiltrate a medical file system. Monitoring needs to be continually in place to recognize attempts to break into the system or "crash" the system from an outside source. Security may be in place to shut down access to medical data if a hacker breaches any layer of security.
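The idle timeout described under Session Timeouts, sketched as a server-side check. This is an added example, not code from any HIPAA-compliant product; the setting names, the 600-second clinical limit and the `SessionStore` class are assumptions, and only the 30-second limit comes from the text above.

```python
import secrets
import time

# Idle limits in seconds per workstation setting. The 30 s value is from the
# article; the setting names and the 600 s clinical value are assumptions.
IDLE_LIMITS = {"public": 30, "clinical": 600}


class SessionStore:
    """Server-side sessions that expire after a period of inactivity."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._sessions = {}  # token -> {"user", "limit", "last_seen"}
        self.audit = []      # (event, user) tuples standing in for a real audit log

    def login(self, user, setting):
        # Unknown settings fall back to the strictest limit, not the loosest.
        limit = IDLE_LIMITS.get(setting, min(IDLE_LIMITS.values()))
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {
            "user": user, "limit": limit, "last_seen": self._clock(),
        }
        self.audit.append(("login", user))
        return token

    def touch(self, token):
        """Return the user for a live session, or None if missing or idle too long."""
        session = self._sessions.get(token)
        if session is None:
            return None
        now = self._clock()
        if now - session["last_seen"] > session["limit"]:
            # Expire on the server so a token left on an unattended screen
            # cannot be reused, whatever the browser still displays.
            del self._sessions[token]
            self.audit.append(("idle_timeout", session["user"]))
            return None
        session["last_seen"] = now  # activity resets the idle timer
        return session["user"]
```

Calling `touch()` on every request makes the timeout a sliding window, and the audit entry gives server monitoring a record of each forced expiry.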