HIPAA and DMS
When it comes to healthcare, privacy is rule number one. It’s such an important rule that in 1996 the US Department of Health and Human Services created HIPAA, the Health Insurance Portability and Accountability Act.
If you handle protected health information (PHI, or ePHI for “electronic” data), you probably already know about being HIPAA compliant. In fact, the one thing you’re most aware of is that if you fail to meet compliance, you’ll be facing hefty fines, criminal charges, or even jail time… so getting this right is your top priority.
This safeguard requires policies and procedures to protect ePHI at the workstation level, ensuring that workstations are used appropriately and properly, and specifying the physical environments in which access to ePHI is permitted.
This standard centers on implementing physical safeguards for all workstations that have access to ePHI, so that access is restricted to authorized users. The solution depends on the covered entity’s risk analysis and risk management process, so a variety of solutions can meet your specific needs.