HIPAA Privacy Policies and HIPAA Security Policies: What's the Difference?

If your organization has access to private health information, you are required to protect that information under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). When preparing an information protection program, you must understand the difference between HIPAA privacy policies and HIPAA security policies.

When many organizations implement a program under HIPAA, privacy policies are usually the focus. It is critical to understand what information can be shared and what parties are permitted access to that information.

The Privacy Management Toolkit can provide important resources in development of such a program. Created by Rebecca Herold, CISSP, CISM, CISA, it is designed to help organizations understand their responsibilities under HIPAA and implement a privacy policy program that will protect the organization and the private health information of its customers.

But when protecting information under HIPAA, security policies must not be overlooked. For example, according to HIPAA your organization must protect private health information from malicious network intrusions, and HIPAA security policies must be part of your overall plan. Information Security Policies Made Easy provides a library of over 1300 ready-to-use security policies, advice on security policy development and review, tips on raising security awareness, and more.

A comprehensive information protection plan must contain both HIPAA privacy policies and HIPAA security policies. With our help, you can develop a plan that will meet federal requirements, protect your customers' privacy, and save your company from costly privacy breaches.

Contact Information Shield and start developing your HIPAA privacy policies and security policies today.