
Tackling top regulation compliance challenges


What you should know about HIPAA requirements

Source: dane_mark/iStock
Designer: Anita Koury for TechTarget

It might seem easy to list which entities are required to comply with the Health Insurance Portability and Accountability Act (HIPAA): hospitals, health insurance providers and doctors' clinics, for starters. But in light of the U.S. Department of Health and Human Services' recent updates to HIPAA requirements, healthcare organizations are no longer the only ones that are considered HIPAA-covered entities.

Ed Moyle, director of emerging technology at ISACA, says that compliance professionals who are not in healthcare should be following any changes to HIPAA requirements closely. These updates had many implications:

Over on SearchSecurity, Mike Chapple, CISSP and senior IT director at the University of Notre Dame, answers readers' questions on HIPAA, including how organizations can prepare for HIPAA audits, what the HHS is getting stricter about and how risk assessments can help with HIPAA compliance.

More on HIPAA requirements: Take a look at infosec expert Kevin Beaver's tip on how encryption and data protection can help you stay compliant with HIPAA and HITECH.

Data source: NueMD 2014 HIPAA survey, with 1,000 respondents


How do you think the HIPAA requirements for 'business associates' will benefit healthcare organizations?