HHS Security Rule

The HIPAA act also established the HHS security rule to ensure the security and privacy of health care and health insurance consumers' protected health information. The security rule is hence a part of the HIPAA act and covers the subset of information which is already covered by the privacy rule.

It protects all individually identifiable health information created by a covered entity and receives, maintains or transmits in electronic form. This type of information is known as e- PHI, or electronic protected health information, according to security rules. The security rule does not apply to information sent orally or in writing.

General rules

According to the security rule the entities covered need to maintain reasonable and appropriate administrative, physical and technical safeguards in order to protect the e-PHI. To understand specifically what the security rule covers generally, let us see the following:

  • Ensuring the confidentiality, availability and integrity of the e-PHI which is created, maintained received or transmitted by them.
  • Identify and protect against the threats to the security or integrity of the information and which can be reasonably anticipated.
  • Protection against impermissible uses of disclosure that can be reasonably anticipated.
  • Ensure compliance by the workforce

  • According to the security rule confidentiality is defined as the e-PHI which is not disclosed to unauthorized people. This in turn supports the privacy rule under the HIPAA act and it also protects the integrity and availability of the e-PHI. The security rule, on the other hand, allows authorised persons to access the information when necessary for providing the required health care or health insurance service to the consumer.

    The size of the entity does not matter, according to HHS, because covered entities range from the smallest provider to the largest multi-state health plan. We, too, adhere to HIPAA security rules to ensure that not only our clients' but also the end consumer's information is secure and protected. This makes us a partner of choice for all the different dental and medical service and insurance providers in the country.