Library Update: Health Insurance Portability and Accountability Act (HIPAA)

The Alyne team has recently rolled out a brand new addition to the Content Library: a comprehensive mapping of the Health Insurance Portability and Accountability Act (HIPAA). This mapping covers not only section 164.3xx (Security Standards), but also the rules outlined in section 164.4xx (Breach Notification) and section 164.5xx (Privacy Aspects).

The Health Insurance Portability and Accountability Act (HIPAA) was enacted into law in 1996 to improve insurance coverage, as well as to reduce fraud and ease administration.

The HIPAA regulation is mainly targeted at covered entities that handle health or healthcare-related data and at providers that use or transmit electronic Protected Health Information (ePHI). In 2013, the coverage of HIPAA regulations was expanded to include all Protected Health Information (PHI) users, including third-party service providers, which are subject to the same data privacy and protection laws under HIPAA.

The law contains requirements that aim to protect and safeguard the integrity of patient health information, along with critical information assets and infrastructure. While the law presents clear definitions of privacy and security requirements, some of its terms are broadly defined.

HIPAA coverage within the Alyne platform

Building on, and in addition to, the existing 1200+ Controls available in the platform, the Alyne Library experts have interpreted and mapped HIPAA requirements into a Control Set containing 480 robust Controls that are easily actionable, specific and measurable for business leaders to implement.

For organisations that are subject to compliance with HIPAA, Alyne now offers a comprehensive mapping of the regulation, covering not only §164.3xx, which is focussed on Security Standards, but also the rules outlined in §164.4xx (Breach Notification) and §164.5xx (Privacy Aspects). This content, now available in the Alyne platform, will simplify and enhance your ability to follow HIPAA compliance criteria.


HIPAA compliance rules include: HIPAA Privacy Rule, HIPAA Security Rule and HIPAA Breach Notification Rule

HIPAA Privacy Rules 

The HIPAA Privacy Rule establishes national standards to ensure that patients' rights to PHI are protected. This includes medical records and other personal health information and it applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.

HIPAA Security Rules 

The HIPAA Security Rule operationalises the HIPAA Privacy Rule. More specifically, this set of rules ensures that both technical and non-technical (administrative and physical) safeguards are in place so that ePHI is transmitted and handled in a secure and responsible manner.

HIPAA Breach Notification Rules

The HIPAA Breach Notification Rule requires covered entities and their business associates to notify affected individuals and the media of a breach of unsecured PHI. Depending on its severity, if the data breach affects 500 or more individuals, the Secretary has to be informed no later than 60 days following the breach.

As with all Library Updates, the Control Set has been provided to existing and new Alyne customers alike. Contact our sales team at support@alyne.com to learn how Alyne can help your organisation, or schedule a meeting with an expert to experience Alyne's full capabilities.

Eunice Cheah
