New regulations concerning the security of electronic protected health information (ePHI) go into effect April 21, 2005. These regulations are another part of the Health Insurance Portability and Accountability Act or HIPAA. The first part of the act, known as the HIPAA Privacy Rule, went into effect in 2003.
The HIPAA Security Rule is designed to ensure the confidentiality, integrity and availability of protected health information that is created, maintained, received, or transmitted through computer systems. UNM is required to make sure we safeguard ePHI using technological, physical and administrative security measures.
The purpose is to protect this information against reasonably anticipated threats or hazards to its security and integrity. The HIPAA Security Rule specifies sanctions and appropriate protection for the use or disclosure of this information in a manner that is not permitted by HIPAA.
UNM employees who were required to take the HIPAA Privacy training must also take a HIPAA Security course. This training can be found on the UNM Hospitals training web site at: HIPAA Security Course.
UNM clinical facilities, departments and research units with computer systems that contain ePHI are required to participate in security assessments coordinated by the Health Sciences Center Security Officer, Barney Metzner.
If you have questions regarding these new security measures, please contact the Health Sciences Center Security Officer at itsecurityofficer@salud.unm.edu.
Contact: Sally Bowler-Hill, (505) 272-0691
Posted by scarr at March 14, 2005 09:05 AM