top of page

PRIVACY POLICY

HIPAA compliance for an organization revolves around protecting the privacy and security of Protected Health Information (PHI) that the organization has or will have access to. PHI is any information that can be connected to an individual's health condition.

Organizations looking to comply with the HIPAA regulations first have to determine which regulations they have to comply with. There are two distinct and separate regulations under HIPAA:

HIPAA Privacy

safeguards for keeping protected health information safe from a people, administrative, and contractual standpoint

HIPAA Security

safeguards for keeping protected health information specifically in electronic form (computers, networks, email, software, electronic transmissions, etc) safe from disasters, hackers, and electronic theft.

All organizations are required to comply with the HIPAA Privacy regulations, since Privacy involves safeguards from a people standpoint, but only those who store or transmit protected health information electronically are required to comply with the HIPAA Security regulations which is meant to protect electronic data.

Once you know which regulations you need to comply with, then it is just a matter of knowing what you need to do to comply.

bottom of page