Healthcare News & Insights


HIPAA: Medical Privacy in our Electronic World

Though the Health Insurance Portability and Accountability Act (HIPAA) was passed 15 years ago in part to regulate the sharing of electronic health data, it is still a hot topic in healthcare. Its Privacy Rule, passed in 2003, was a provision developed to assure the public that their personal health records would be kept safe and secure in an electronic exchange, but with the barrage of news stories recounting the number of health records accessed by hackers, read by employees of hospitals and clinics, or lost or damaged somewhere along the way has kept consumers and healthcare providers on edge.

Since its passing, this extension of HIPAA has brought about many benefits and many disadvantages to its use, so there is a constant debate as to whether or not this law is benefiting the healthcare industry and patients. And, with the government’s push to convert all health data to electronic versions by 2014 with the Health Information Technology for Economic and Clinical Health Act (HITECH), these outstanding concerns will remain for quite some time.

The HITECH Act, in an attempt to get all healthcare providers to make the switch to EHR and EMR technology, offers healthcare providers using electronic health records the ability to register for the Medicare or Medicaid EHR Incentive Program. Under this rule, they can earn up to $44,000 or $63,750 for Medicare and Medicaid respectively,  per eligible professional for their meaningful use of electronic health records.


With this HITECH “goal date” of 2014 nearing, many, if not all, of patients’ health records can now be found in an electronic format. Even small practices are moving away from paper files, opting instead to go with the wave of technology that has increased organization and transfer of important information between patients, care providers, and insurance plans.

Over the past few years, as the integration of electronic records became more widespread, the number of HIPAA and data breaches has increased, and many have related this series of negative events to the use of EMR and EHR. While it may seem like a direct relation, many of the security breaches that were recorded were not, in fact, a direct result of the electronic storage of the data, but the monitoring features on these technologies allowed more visibility into the data breaches.

While in the short term, reports emerging about increased data breaches may shed a negative light on EMR and EHR, in the long term we will likely see a decrease in reported data breaches as more and more people realize the probability of being caught and penalized.

HIPAA Compliant Technology

Choosing medical technology and software that is compliant with HIPAA is a big concern in the medical world because failure to do so can result in civil and/or criminal penalties. Medical practices and hospital organizations want to ensure that by using this new technology, they can enroll in the government’s incentive program as well as increase efficiency for their workforce and security for their patients.

That’s why choosing the right EMR and EHR technology has proven to be so important.

Privacy, confidentiality, and security are three of the most important factors to consider when purchasing an electronic health or medical records system. Purchasers should make sure that the technology is compliant under both the Security and the Privacy Rules under the HIPAA and HITECH Acts to ensure that their investment is providing them with the best results by meeting or exceeding each of the standards and codes required.

HIPAA is an extremely complex but very important ruling that offers patients and medical practitioners the protection they need and deserve. With the continuous wave of technologies making their way into the healthcare arena, there will continue to be updates and new provisions set forth to ensure the proper safety and security of health information. is committed to keeping all healthcare professionals “in the know” so they can continue to improve the quality of patient care.