hipaa and hitech act compliance
The Health Insurance Portability and Accountability Act (HIPAA - 110 Stat. 1936), and as amended by The Health Information Technology for Economic and Clinical Health Act (HITECH Act - Pub.L. 111-5) (Title XIII of the American Recovery and Reinvestment Act of 2009), provides privacy and security rules for the collection, storage, and transmission of medical records, data, and statistics.
Maria Civitelli-Forgione, CPC, billingcodingconcepts.com, and all electronic communication over this website and its related domains and email communication on the domain (to wit, email addresses @billingcodingconcepts.com), meet or exceed the security and privacy provisions of these acts.
The pertinent provisions of these acts are listed below. The entire text can be downloaded here (HIPAA), and here (HITECH).
[...A]ny [...] device that stores data, should utilize data encryption technology. [...] The National Institute of Standards (NIST) provides guidance on storage encryption through their Special Publication 800-111, Guide to Storage Encryption Technologies for End User Devices.
Any [...] transmit[ion of] EPHI between locations [...] should be encrypted [by] Secure Sockets Layer (SSL) [denoted by https], IPSecurity (IPSec) and Transport Layer Security (TLS). NIST also provides guidance in three documents: Special Publication 800-113, Guide to SSL VPNs; Special Publication 800-77, Guide to IPsec VPNs; Special Publication 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS).
