Health Insurance Portability and Accountability Act (HIPAA)
The HIPAA Privacy Rule provides federal protections for individual health reports held by covered entities and their employees. HIPAA gives patients a collection of rights regarding their information.
HIPAA concentrates on 3 areas of the health-care industry: administrative simplification, unique health identifiers, and privacy and security. While HIPAA is directed toward the health-care industry, IT puts these regulations into action. The greatest area of interest for IT professionals is the security provision.
HIPAA mandates that all patient information be secure, whether it is transmitted electronically or in written format. The IT divisions within health-care organizations need to make sure their systems and processes comply with the regulations. While HIPAA may mean a slight increase in the breadth of security positions in the health-care industry, it also means an increase in the level of security among existing IT departments and personnel. The businesses affected by this legislation are not just health-care providers, but also vendors and suppliers of health-care organizations.
Sarbanes-Oxley Act (SOX)
The act came into force in 2002 and introduced key changes to the regulation of financial practice and corporate governance. It also set a number of deadlines for compliance. The act is named after Senator Paul Sarbanes and Representative Michael Oxley, its chief originators.
“Section 404 of the Sarbanes-Oxley Act mandates that all publicly-traded organizations demonstrate due diligence in the disclosure of financial information. They must also implement internal controls and procedures to communicate, store and protect that data. They must protect these controls from internal and external threats and unauthorized access, including those that could occur through online systems and networks.” (SOX-online.com, 2012, n.p.)
Gramm-Leach-Bliley Act (GLBA)
The Gramm-Leach-Bliley Act requires financial institutions to explain their information-sharing procedures to each of their customers. The act was put in place to protect any and all sensitive data involving those customers.
In short, the Privacy Rule demands that you