The Health Insurance Portability and Accountability Act (HIPAA), became law in 1996. It requires health care providers, insurance companies and others involved in health care transactions to provide security on any system containing personal health information, store and transmit that information according to standardized rules, and place an automatic audit on files to help keep track of who should have access to them and whether those access rules have been violated. HIPAA complaints and violations that aren't fixed quickly are subject to a fine of between $100 per incident or a maximum of $25,000 per year for violation of a specific rule.
Administrators at the University of Colorado found a way to comply HIPAA to protect the integrity of electronic patient records. In addition to meeting the Privacy requirement of HIPAA, they needed a system to deal with their staff of medical professionals who move from computer to computer throughout their shifts. To be better equipped to achieve compliance, the hospital chose to use technology via a combination of a system called pcProx Sonar along with a software named eXactACCESS. When someone walks away from a workstation, a sonar device installed on the computer detects the change, and causes the computer to lock. Also, authentication via a user PIN is required. As a result, the integrity of the patient data is greatly enhanced. Doctors and nurses must pass their badge across the reader and then type their PIN. "Security access and work data is routed through eXactACCESS, bringing them right to their administrator-defined portion of the network. It allows them to log off one machine and onto another without any interruption in workflow, and their work is preserved just as they left it" (Unknown). Health care fraud is another serious compliance issue with which the federal government continues to deal. Also an outgrowth of HIPAA, the Social Security Act section 1128C(a) of the Act created the Health Care Fraud...
Please join StudyMode to read the full document