Healthcare clinics, hospitals, and contract nurses must all maintain HIPAA Compliance. Although many document management system vendors claim the ability to facilitate HIPAA Compliance, they have trouble pinpointing exactly how their systems reach this objective. Keep reading to discover how eFileCabinet facilitates HIPAA Compliance on a feature-by-feature basis.
The HIPAA Compliance Security Rule
Security alone does not equal compliance. Rather, the focus should be utilizing security to achieve compliance. Essentially, compliance is an outcome of security. So under full and proper use, eFileCabinet document management software ensures that all four technical safeguards under HIPAA’s Security Rule, as outlined below, are met by the following eFileCabinet features:
HIPAA Security Rule Technical Safeguard 1: Access Control
This safeguard establishes the following definition as achieving access controls: “…the ability or means necessary to read, write, modify, or communicate data/information or otherwise use any system resource.”
eFileCabinet features that facilitate this: Role-based user permissions, file versioning
HIPAA Security Rule Technical Safeguard 2: Audit Controls
This safeguard establishes the following definition as achieving audit controls: “Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.”
eFileCabinet features that facilitate this: Audit trails, role-based user permissions, retention.
HIPAA Security Rule Technical Safeguard 3: Integrity Controls
This safeguard sets forth the following definition of achieved integrity controls: “The property that data or information have not been altered or destroyed in an unauthorized manner.”
eFileCabinet features that facilitate this: automated file retention, data backup, role-based user permissions
HIPAA Security Rule Technical Safeguard 4: Transmission Security
This safeguard sets forth the following definition of achieved transmission security: “Implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.”
eFileCabinet features that facilitate this: SecureDrawer
The HIPAA Compliance Privacy Rule
Under proper use, eFileCabinet document management software facilitates the technological requirements for confidentiality codes and practices in healthcare for the HIPAA compliance Privacy Rule.
HIPAA Privacy Rule 1: Protected Health Information (PHI)
HIPAA states that protected health information should not be used or disclosed when it is not necessary to satisfy a particular purpose or carry out a function.
Protected Health Information (PHI) entails information, including demographic data, that relates to patients’ past, present, or future health or condition; the provision of healthcare to the individual, or; the past, present, or future payment of the provision of healthcare to the individual.
eFileCabinet features that facilitate this: Role-based user permissions, SecureDrawer, Versioning