A survey of U.S. laws for health information security & privacy

As healthcare organizations and their business associates operate in an increasingly complex technological world, there exist security threats and attacks which render individually identifiable health information vulnerable. In United States, a number of laws exist to ensure that healthcare providers take practical measures to address the security and privacy needs of health information. This paper provides a survey of U.S. laws related to health information security and privacy, which include Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act, Sarbanes-Oxley Act of 2002, Patient Safety and Quality Improvement Act of 2005, and Health Information Technology for Economic and Clinical Health (HITECH). The history and background of the laws, highlights of what the laws require, and the challenges organizations face in complying with the laws are discussed. Copyright © 2012, IGI Global.