A Survey of U.S. Laws for Health Information Security & Privacy

As healthcare organizations and their business associates operate in an increasingly complex technological world, security threats and attacks leave individually identifiable health information vulnerable. In the United States, a number of laws exist to ensure that healthcare providers take practical measures to address the security and privacy needs of health information. This paper provides a survey of U.S. laws related to health information security and privacy, which include the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act, the Sarbanes-Oxley Act of 2002, the Patient Safety and Quality Improvement Act of 2005, and Health Information Technology for Economic and Clinical Health (HITECH). The history and background of the laws, highlights of what the laws require, and the challenges organizations face in complying with the laws are discussed.
