What It Means To Be HIPAA Compliant

HIPAA Compliance

The Health Insurance Portability and Accountability Act (HIPAA) was established in the U.S. in 1996 to protect an individual's personal health care information. Healthcare institutions are required to meet all standards and comply with the appropriate security measures in order to safeguard patient data. These standards became enforceable by law on 21 April, 2005.

Under HIPAA, several things must be protected including any patient healthcare information that is written, spoken or electronic. Electronic data can be faxed, printed, copied or emailed and includes lab reports, insurance claims, consent forms and patient records.

Safeguarding patient data is a key concern among healthcare CIOs all over the world, as healthcare is the target industry of a vast majority of information attacks due to the nature of the information held in the healthcare record.

If your business hosts data with a HIPAA compliant provider, there are certain administrative, physical and technical safeguards in place as required by the U.S. Department of Health and Human Services.

Physical safeguards include limited facility access and control and require authorized access. All covered entities, including HIPAA compliant organizations, must have usage and access policies regarding access to workstations and electronic media. Part of this safeguarding effort requires transferring, removing, disposing and reusing electronic media and electronic protected health information.

Technical safeguards of HIPAA compliance require restrictions on access to protected health data. In other words, authorization is required to access the health record. This form of protection includes the use of user IDs, emergency access procedures, automatic log off and encryption and decryption of data.

Also on the technical side of HIPAA compliance, tracking logs must be implemented to keep a record of activity on hardware and software. This practice helps to identify the source or cause of any security violations with greater ease and quickness.

Policies are to be put into place to ensure that personal health data is not altered or destroyed. IT disaster recovery and offsite backups are necessary to ensure that any electronic media errors or failures can be solved quickly and that patient health information can be recovered accurately.

Failure to comply with these guidelines and requirements could lead to steep fines and other legal action from the government. Ensuring compliance can prove to be a tremendous challenge.

Giva makes HIPAA compliance very easy for our customers since the data center, hardware and software infrastructure of Giva's cloud help desk software meet the very strict HIPAA compliance regulations. For more information read 7 Key elements of Giva's HIPPA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Client Success

MetroHealth System Logo
  • 50% reduction in time to deploy Giva's change, incident, problem, asset management and knowledgebase modules
  • 60% reduction in the 5 year Total Cost of Ownership (TCO)
  • Saved at least 1 FTE due to lower ongoing administration
  • Saved 1 week per month due to easy to use reports
Athens Regional Health System Logo
  • Increased to 90% achievement in meeting service level agreements
  • 70% reduction in generating reports and admin; eliminated 35 hours/month
  • 50% faster to create/assign a service request
  • 60% increase in information captured during the initial phone call
  • 50% increase in the number of service requests created due to intuitive design
Santé Health Systems Logo
  • 80% increase in productivity by using Giva's dashboards and reports
  • 60% increase in meeting service level agreements
  • 45% increase in the number of the calls logged due to Giva's intuitiveness and ease of use
  • 50% increase in productivity by using Giva's integrated custom forms