Officially, it’s called the Health Insurance Portability and Accountability Act of 1996, but it’s usually shortened to just the letters HIPAA.
The Security Rule specifies a series of administrative, physical and technical safeguards for covered entities and their business associates to use to assure the confidentiality, integrity and availability of electronic protected health information (EPHI).
The Privacy Rule protects all “individually identifiable health information” held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper or oral. The Privacy Rule calls this information “protected health information (PHI).”
The most common entities covered by the law are private medical practices, hospitals, pharmacies, outpatient facilities and health insurance organizations. The rule, however, applies to any individual or organization that possesses protected health information.
The biggest HIPAA-type penalty, to date, happened in Puerto Rico earlier this year when Triple S-Salud, an insurance company, was fined $6.8 million for a 2013 data breach involving Medicare recipients.
Penalties in the United States range from $100 to $50,000 in fines for each violation. There’s a maximum penalty in any one year that could reach $1.5 million.
At DriveSavers, we respect the confidentiality of all our customers’ data, protecting it while it is in our possession from loss, theft or pilfering. We absolutely guarantee the security and confidentiality of all data we work with, whether it’s from a student’s drive, a home computer, a work-related issue or a government system.
DriveSavers is in compliance with HIPAA, as shown by our current certifications.