HIPAA vs. ISO 27001: What are the differences? _advisera.com
posted by shirelywang in: workplace

All over the world, organizations in the healthcare industry are becoming more and more interested in protecting their patients' information; in the United States, however, this obligation goes back to 1996, when HIPAA (the Health Insurance Portability and Accountability Act) was enacted. HIPAA regulates the use and disclosure of individuals' protected health information (PHI) held by the organizations it covers.

This article will present how organizations that need to ensure HIPAA compliance can take advantage of ISO 27001, the leading ISO standard for information security management, to fulfill the requirements.

What are the security requirements in HIPAA?

Broadly speaking, HIPAA's information-protection requirements are defined by two main rules: the Privacy Rule and the Security Rule. These rules must be followed by "covered entities": health plans, health care clearinghouses, and any health care provider that transmits health information in electronic form in connection with a transaction covered by HIPAA. Business associates that create, receive, maintain or transmit PHI on a covered entity's behalf are bound by the Security Rule as well.
