 |
Privacy and Security HIPAA Security Regulations |
|
The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 required the Department of Health and Human Services (HHS) to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. It also addressed the security and privacy of health data. The HIPAA Security Rule, which went into effect as of April 21, 2005, requires covered entities like USC to have in place administrative, technical, and physical safeguards to protection the confidentiality, integrity, and availability of all protected health information maintained in electronic form. This includes any information relating to: (1) an individual’s past, present, or future physical or mental health or condition; (2) the provision of health care to an individual; or (3) payment for the provision of health care to an individual. USC's HIPAA Security compliance program includes the following elements: |
Education and Training USC’s Office of Information Security offers educational and training materials on a variety of information security issues relevant to protecting health information maintained in electronic form. These live courses, web-based courses and videos, tools and resources, and brochures, forms, and guides offer practical guidance for all computer users and system administrators to protect the information they create, store, and transmit. Please see the Program Overview. |
Policies and Procedures
The Office of Information Security has also developed a suite of materials that assist those who create, store, and transmit ePHI in complying with their obligations under the HIPAA Security Rule by setting out procedures to follow that meet the requirements of the Rule. You can find links to much of this material on this site, or contact the Office of Information Security at (213) 743-4900 for more information. |
Monitoring and Auditing
|
- Contact Department -