Privacy, Confidentiality, and Security

Several laws play a major role in defining the way in which EHRs operate. Arguably, the most important is the Health Insurance Portability and Accountability Act (HIPAA) of 1996 [27], which includes rules on the privacy and security of personal health information (PHI). These provisions have been in force since 2003 and 2005, respectively. They focus on the ways in which PHI can be viewed, used, and transmitted. See Figure 22-5 for the number of investigated resolutions between April 2003 and December 2011.


Figure 22-5 Investigated resolutions. Reprinted from the U.S. Department of Health and Human Services. ...
