What is the Health Insurance Portability and Accountability Act (HIPAA)?

The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law that created national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. HIPAA Rules and Regulations lay out three types of security safeguards required for compliance:

  • Administrative Safeguards primarily concern the requirement to conduct ongoing risk assessments to identify potential vulnerabilities and risks to the integrity of PHI.
  • Physical Safeguards concentrate on the measures that should be implemented to prevent unauthorized access to PHI and to protect data from fire and other environmental hazards.
  • Technical Safeguards relate to the controls that must be put in place to ensure data security when PHI is being communicated on an electronic network.

 

Download Solution Brief

Download eBook

 

How can Thales help with HIPAA compliance?

Thales helps organizations comply with HIPAA by addressing essential requirements for safeguarding protected health information (PHI) under three different sections of the law.

HIPAA § 164.308 Administrative Safeguards

Covered entities must conduct an accurate and thorough assessment of the risks to PHI
and business associates need to appropriately safeguard PHI.

How Thales helps:

Thales Solutions
  • Discovering and classifying sensitive data and
    performing risk analysis
  • Reducing third party (business associate) risk
Protect Data at Rest:
 

 

HIPAA § 164.312 Technical Safeguards

Covered entities must implement technical safeguards to secure access to protected information, authenticate persons and entities accessing PHI, and encrypt PHI at rest and in transit.

How Thales helps:

Thales Solutions
  • Managing access to PHI
  • Authenticating users and processes
  • Encrypting PHI at rest and protecting encryption keys
  • Encrypting PHI in transit




     

 

HIPAA § 164.514 Other requirements relating to uses and disclosures of protected health information

Health information may not be considered PHI if it is not individually identifiable health information.

How Thales helps:

Thales Solutions
  • Pseudonymizing and de-identifying
    personal health information
    using tokenization.

 

Which companies are subject to HIPAA?

The HIPAA Rules apply to covered entities and business associates:

  • Covered Entities encompass all health care providers creating, receiving, maintaining, transmitting, or accessing protected personal health information (PHI), including health plans, health insurance organizations, hospitals, clinics, pharmacies, physicians, and dentists, among others.
  • Business Associates encompass third-party service providers that may create, receive, maintain, transmit, or access ePHI on behalf of covered entities. Examples include IT contractors or cloud storage vendors.

 

 

Multi-col layout

fingerprint

Title

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum sed lectus et nunc condimentum luctus vitae vel augue.

Register

fingerprint

Title

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum sed lectus et nunc condimentum luctus vitae vel augue.

Register

fingerprint

Title

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum sed lectus et nunc condimentum luctus vitae vel augue.

Register

Video layout

Webinars layout

webinar thumb

Webinar Title

Date and Time of webinar

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum sed lectus et nunc condimentum luctus vitae vel augue. Praesent orci lectus, vestibulum sed nibh vitae, placerat tincidunt mauris. Sed vel consequat enim, et fermentum felis. Aliquam et velit a diam viverra ullamcorper vitae pharetra erat.

Watch

Agenda title

Table Header Table Header
09:00 - 10:00 Name of the event
Lorem ipsum dolor sit amet, consectetur adipiscing elit.
10:00 - 11:00 Name of the event
Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Speakers title

speaker

Full Name
Job Title
Thales

Connect

speaker

Full Name
Job Title
Thales

Connect

speaker

Full Name
Job Title
Thales

Connect

speaker
quote mark
Quote, Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum sed lectus et nunc."

—Full Name and Job Title

Multi Asset Giveaway title

https://www6.thalesgroup.com/

asset thumb

Title of document
Description

Download

asset thumb

Title of document
Description

Download

asset thumb

Title of document
Description

Download

asset thumb

Title of document
Description

Download

Blank Section

Contact Us

Please enter a valid business email

This field cannot be blank

Your personal data is collected and processed by THALES in order to stay in touch with you. You can manage your email preferences or unsubscribe at any time. We will process your data with respect and in accordance to our privacy notice.

Our Customers

Previous Next

How to embed a map from Google maps

Go to your destination on Google maps and click on share

Step 1 of 3

Prev

Next

Master Template help

Here is a handy guide to the new features of the Master LP

Step 1 of 6

Start