What is HIPAA in Security+?
D1 · General · CompTIA Security+ SY0-701
HIPAA (Health Insurance Portability and Accountability Act) is a US federal law that sets national standards for protecting PHI (Protected Health Information): any information that identifies a patient and relates to their health.
Key rules: Privacy Rule (governs use/disclosure of PHI), Security Rule (technical, physical, and administrative safeguards for electronic PHI), Breach Notification Rule (report breaches within 60 days).
Covered entities: healthcare providers, health plans, healthcare clearinghouses. Business Associates must also comply.
HIPAA is the primary US healthcare privacy law. PHI includes name + any health information. ePHI = electronic PHI. Breaches affecting 500+ individuals must be reported to HHS and media. Know covered entities vs. business associates.