HIPAA Tip: HIPAA Organizations & Terms

Understanding the HIPAA Rule and HIPAA compliance starts with knowing the organizations that support HIPAA and basic terminology associated with HIPAA. Below is a list of important terms and organizations that are relevant and very helpful when educating oneself on HIPAA compliance.

  • PHI: Protected Health Information, also referred to as personal health information, is all the medical data a healthcare professional collects to identify an individual and determine their appropriate care.
  • ePHI: Stands for electronic Protected Health Information and can be any identifiable patient information that is produced, saved, transferred, or received in an electronic form.
  • Breach: Is a security violation in which sensitive, protected or confidential data (PHI/ePHI) is copied, transmitted, viewed, altered, or stolen and used by an individual unauthorized to do so.
  • HHS: The Department of Health and Human Services is responsible for creating HIPAA and protecting the health of all Americans by providing essential human services.
  • OCR: The Office for Civil Rights is responsible for enforcing HIPAA regulations and standards.
  • CMS: Government agency within HHS is the Centers for Medicare and Medicaid services, administering major health programs in the U.S.
  • Office of the National Coordinator: Is a staff division of the Office of the Secretary within HHS. ONC leads national health IT efforts and is charged as the principal federal entity to coordinate nationwide efforts for advancing information technology and electronic exchange of health information.
  • Section 405(d): Came about from the Cyber Security Act of 2015 to raise awareness, provide vetted cybersecurity practices, and move towards consistency in mitigating current pertinent cybersecurity threats to the healthcare sector.

Learning more about HIPAA, its terms and organizations will assist you and your staff with staying HIPAA compliant.

HIPAA compliance isn’t a one-time checklist. It’s ongoing, programmatic in nature, and requires demonstrated reasonable diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Anatomy IT. can provide you peace of mind with our expert HIPAA compliance services. To learn more, contact us here.