HIPAA, SOX, & PCI
EXPLAINING HIPAA, SOX, & PCI
HIPAA, which stands for the Health Insurance Portability and Accountability Act, was passed in 1996. It was created to make sure that health and medical information is protected. It does not apply only to the health care industry; employers that offer health insurance must also abide by HIPAA. HIPAA defines health information as any data that is created or received by health care providers, health plans, public health authorities, employers, life insurers, schools and universities, and health care clearinghouses. This data relates to an individual's past, present, and future health, including their physical and mental health and their current condition. It also includes past, present, and future payments for health care. HIPAA sets requirements and standards that health care organizations, and any organization that deals with the organizations listed above, must abide by. The security standards protect data while it is stored, used, and transmitted. The privacy standards prohibit companies from sharing any information without the patient's consent. They also inform you of the practices used to keep your health information private. If the rules of HIPAA are not followed, there are penalties. For making mistakes, you can be fined up to $100 per violation and $25,000 per year. Knowingly obtaining or releasing data can result in $50,000 in fines and one year in prison. Obtaining or disclosing data under false pretenses can result in up to $100,000 in fines and 5 years in prison. Obtaining or disclosing data for personal gain or malicious harm carries a fine of $250,000 and up to 10 years in prison.
The Sarbanes-Oxley Act or SOX was passed in 2002. It was passed in response to several large scandals. This law applies to any company that is publicly traded. It...
References: Gibson, D. (2011). Managing Risk in Information Systems. Burlington, MA: Jones & Bartlett Learning.