Entry
Reader's guide
Entries A-Z
Subject index
Data Security
Data security refers to the requirement to ensure confidentiality, integrity, and availability of data. In security circles, confidentiality, integrity, and availability are called the CIA triad and are the bases for implementing data security. Confidentiality is present when disclosure of data to unauthorized personnel and/or systems is prevented from occurring. Data have integrity when they are complete, accurate, and reliable and when unauthorized alteration and/or destruction is prevented. Data security requires the active interventions of laws, management, people, and technology to ensure that the triad is active and working effectively.
Laws and Regulations
Numerous federal and common laws affect the way data are secured by individuals and within systems. A few of the federal laws that affect healthcare are the Computer Fraud and Abuse Act, the Computer Security Act of 1987, the Electronic Communications Privacy Act of 1986, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the National Information Infrastructure Protection Act of 1996, and the Security and Freedom Through Encryption Act of 1999. In some instances where providers or hospitals offer financial plans, they are covered by the Sarbanes-Oxley Act of 2002. The main law that covers data security in the healthcare arena is HIPAA's Security Rule, Title 45 CFR (Code of Federal Regulations) Parts 160, 162, and 164, which had a compliance date of April 20, 2005.
The Security Rule applies only to covered entities—namely, healthcare providers, healthcare clearinghouses, and healthcare plans. The Security Rule requires that each covered entity institutes a security plan that meets or exceeds the security standards as set forth in the rule to protect the confidentiality, integrity, and availability of electronically protected health information and other information as set forth in the rule. The standards are divided into three categories: administrative, physical, and technical. Administrative safeguards require a risk analysis, contingency/disaster recovery plans, personnel security measures, sanctions, security policies and procedures, termination procedures, and training requirements. The physical safeguards cover media controls, physical access controls, workstation controls and procedures, and security awareness training. The technical safeguards pertain to system access controls, encryption, authorization controls, data authentication, and access authentication. These standards are either required or addressable. A required standard must be implemented. An addressable standard can be implemented as described in the rule, or the entity can justify why it chose another method to meet the standard.
The common laws that affect data security are numerous and usually are called into force through civil litigation when due diligence or due care is in question. Due diligence requires that an organization make and continue to make a valid effort to protect the confidentiality, integrity, and availability of the data. Due care requires the organization to act as any prudent and rational organization would when trying to protect the security of the data. One law that is not always enforced by court action is the law that grew from the norms, morals, and common laws of the land—ethics. Ethics guides professionals, especially in healthcare, to do no harm and to protect the confidentiality of the patient or client.
...
- Access to Care
- Access to Healthcare
- Access, Models of
- Critical Access Hospitals (CAHs)
- Cultural Competency
- Direct-to-Consumer Advertising (DTCA)
- E-Health
- E-Prescribing
- Ethnic and Racial Barriers to Healthcare
- Geographic Barriers to Healthcare
- Health Communication
- Health Literacy
- Health Professional Shortage Areas (HPSAs)
- Healthcare Web Sites
- Hospital Closures
- Inner-City Healthcare
- Medical Travel
- National Health Service Corps (NHSC)
- Patient Dumping
- Patient Transfers
- Rural Health
- Safety Net
- Telemedicine
- Transportation
- Accreditation, Associations, Foundations, and Research Organizations
- Accreditation
- Associations
- AARP
- AcademyHealth
- America's Health Insurance Plans (AHIP)
- American Academy of Family Physicians (AAFP)
- American Academy of Pediatrics (AAP)
- American Association of Colleges of Nursing (AACN)
- American Association of Preferred Provider Organizations (AAPPO)
- American College of Healthcare Executives (ACHE)
- American Health Care Association (AHCA)
- American Health Planning Association (AHPA)
- American Hospital Association (AHA)
- American Medical Association (AMA)
- American Nurses Association (ANA)
- American Osteopathic Association (AOA)
- American Public Health Association (APHA)
- American Society of Health Economics (ASHE)
- Association of American Medical Colleges (AAMC)
- Association of University Programs in Health Administration (AUPHA)
- Healthcare Financial Management Association (HFMA)
- Institute for Healthcare Improvement (IHI)
- International Health Economics Association (IHEA)
- National Alliance for the Mentally Ill (NAMI)
- National Association of Health Data Organizations (NAHDO)
- National Association of State Medicaid Directors (NASMD)
- National Center for Assisted Living (NCAL)
- National Citizens' Coalition for Nursing Home Reform (NCCNHR)
- National Coalition on Health Care (NCHC)
- National Commission for Quality Long-Term Care (NCQLTC)
- National Health Policy Forum (NHPF)
- National Medical Association (NMA)
- National Quality Forum (NQF)
- University HealthSystem Consortium (UHC)
- Business Coalitions
- Foundations
- Research Organizations
- Biographies of Current and Past Leaders - Current Leaders
- Current Leaders
- Aday, Lu Ann
- Aiken, Linda H.
- Altman, Drew E.
- Andersen, Ronald M.
- Arrow, Kenneth J.
- Berwick, Donald M.
- Brook, Robert H.
- Chassin, Mark R.
- Clancy, Carolyn M.
- Culyer, Anthony J.
- Davis, Karen
- Drummond, Michael
- Ellwood, Paul M.
- Enthoven, Alain C.
- Evans, Robert G.
- Feder, Judith
- Fuchs, Victor R.
- Ginsburg, Paul B.
- Grossman, Michael
- Kane, Robert L.
- Katz, Sidney
- Lee, Philip R.
- Lomas, Jonathan
- Luft, Harold S.
- Marmor, Theodore R.
- Maynard, Alan
- Mechanic, David
- Naylor, C. David
- Newhouse, Joseph P.
- O'Leary, Dennis S.
- Pauly, Mark V.
- Reinhardt, Uwe E.
- Relman, Arnold S.
- Rice, Dorothy P.
- Roos, Leslie L.
- Roos, Noralou P.
- Rosenbaum, Sara
- Sackett, David L.
- Scott, W. Richard
- Shortell, Stephen M.
- Starfield, Barbara
- Starr, Paul
- Stevens, Rosemary A.
- Tarlov, Alvin R.
- Ware, John E.
- Wennberg, John E.
- White, Kerr L.
- Wilensky, Gail R.
- Past Leaders
- Anderson, Odin W.
- Cochrane, Archibald L.
- Codman, Ernest Amory
- Cohen, Wilbur J.
- Davis, Michael M.
- Donabedian, Avedis
- Eisenberg, John M.
- Farr, William
- Flexner, Abraham
- Ginzberg, Eli
- Kimball, Justin Ford
- McNerney, Walter J.
- Nightingale, Florence
- Roemer, Milton I.
- Rorem, C. Rufus
- Shapiro, Sam
- Sheps, Cecil G.
- Thompson, John Devereaux
- Williams, Alan H.
- Current Leaders
- Cost of Care, Economics, Finance, and Payment Mechanisms
- Administrative Costs
- Capitation
- Charity Care
- Committee on the Costs of Medical Care (CCMC)
- Compensation Differentials
- Cost Containment Strategies
- Cost of Healthcare
- Cost Shifting
- Cost-Benefit and Cost-Effectiveness Analyses
- Current Procedural Terminology (CPT)
- Diagnosis Related Groups (DRGs)
- Economic Barriers to Healthcare
- Economic Recessions
- Economic Spillover
- Economies of Scale
- Fee-for-Service
- Flat-of-the-Curve Medicine
- Health Economics
- Healthcare Financial Management
- Healthcare Markets
- Inflation in Healthcare
- Long-Term Care Costs in the United States
- Market Failure
- Pay-for-Performance
- Payment Mechanisms
- Pharmacoeconomics
- Prospective Payment
- Resource-Based Relative Value Scale (RBRVS)
- Supplier-Induced Demand
- U.S. National Health Expenditures
- Uncompensated Healthcare
- Disease, Disability, Health, and Health Behavior
- Activities of Daily Living (ADL)
- Acute and Chronic Diseases
- Adverse Drug Events
- Chronic-Care Model
- Diabetes
- Disability
- Disease
- Emerging Diseases
- Genetics
- Health
- Health Indicators, Leading
- Iatrogenic Disease
- Infectious Diseases
- International Classification of Diseases (ICD)
- Life Expectancy
- Medical Sociology
- Medicalization
- Mental Health
- Morbidity
- Mortality
- Mortality, Major Causes in the United States
- Obesity
- Pain
- Prescription and Generic Drug Use
- Tobacco Use
- Government and International Healthcare Organizations
- International Organizations
- Canadian Association for Health Services and Policy Research (CAHSPR)
- Canadian Health Services Research Foundation (CHSRF)
- Canadian Institute of Health Services and Policy Research (IHSPR)
- Pan American Health Organization (PAHO)
- United Kingdom's National Health Service (NHS)
- United Kingdom's National Institute for Health and Clinical Excellence (NICE)
- World Health Organization (WHO)
- U.S. Government Organizations
- Agency for Healthcare Research and Quality (AHRQ)
- Centers for Disease Control and Prevention (CDC)
- Centers for Medicare and Medicaid Services (CMS)
- Congressional Budget Office (CBO)
- Health Resources and Services Administration (HRSA)
- Indian Health Service (IHS)
- Medicare Payment Advisory Commission (MedPAC)
- National Center for Health Statistics (NCHS)
- National Guideline Clearinghouse (NGC)
- National Information Center on Health Services Research and Health Care Technology (NICHSR)
- National Institutes of Health (NIH)
- Substance Abuse and Mental Health Services Administration (SAMHSA)
- TRICARE, Military Health System
- U.S. Department of Veterans Affairs (VA)
- U.S. Food and Drug Administration (FDA)
- U.S. Government Accountability Office (GAO)
- International Organizations
- Health Insurance
- Adverse Selection
- Blue Cross and Blue Shield
- Carve-Outs
- Coinsurance, Copays, and Deductibles
- Consumer-Directed Health Plans (CDHPs)
- Crowd-Out
- Employee Health Benefits
- Flexible Spending Accounts (FSAs)
- Health Insurance
- Health Insurance Coverage
- Health Savings Accounts (HSAs)
- Medicaid
- Medicare
- Medicare Part D Prescription Drug Benefit
- Moral Hazard
- RAND Health Insurance Experiment
- Selective Contracting
- Single-Payer System
- State Children's Health Insurance Program (SCHIP)
- State-Based Health Insurance Initiatives
- Tax Subsidy of Employer-Sponsored Health Insurance
- Health Professionals and Healthcare Organizations
- Academic Medical Centers
- Allied Health Professionals
- Ambulatory Care
- Case Management
- Chiropractors
- Community Health Centers (CHCs)
- Community Mental Health Centers (CMHCs)
- Complementary and Alternative Medicine
- Dentists and Dental Care
- Disease Management
- Diversity in Healthcare Management
- Emergency Medical Services (EMS)
- Eye Care Services
- Federally Qualified Health Centers (FQHCs)
- Free Clinics
- General Practice
- Health Maintenance Organizations (HMOs)
- Health Systems Agencies (HSAs)
- Health Workforce
- Healthcare Organization Theory
- Home Health Care
- Hospice
- Hospital Emergency Departments
- Hospitalists
- Hospitals
- Intensive-Care Units
- Intermediate-Care Facilities (ICFs)
- Long-Term Care
- Managed Care
- Medical Group Practice
- Multihospital Healthcare Systems
- Nonprofit Healthcare Organizations
- Nurse Practitioners (NPs)
- Nurses
- Nursing Homes
- Pharmaceutical Industry
- Pharmacy
- Physician Assistants
- Physician Workforce Issues
- Physicians
- Physicians, Osteopathic
- Preferred Provider Organizations (PPOs)
- Primary Care
- Primary-Care Case Management (PCCM)
- Primary-Care Physicians
- Skilled-Nursing Facilities
- Health Services Research
- Data Sources in Conducting Health Services Research
- Health Services Research at the Veterans Health Administration (VHA)
- Health Services Research in Australia
- Health Services Research in Canada
- Health Services Research in Dentistry and Oral Health
- Health Services Research in Eastern Europe
- Health Services Research in Germany
- Health Services Research in Sub-Saharan Africa
- Health Services Research in the People's Republic of China
- Health Services Research in the United Kingdom
- Health Services Research Journals
- Health Services Research, Definition
- Health Services Research, Origins
- Laws, Regulations, and Ethics
- Measurement, Data Sources and Coding, and Research Methods
- Case-Mix Adjustment
- Causal Analysis
- Clinical Decision Support
- Cohort Studies
- Community-Based Participatory Research (CBPR)
- Computers
- Cross-Sectional Studies
- Data Privacy
- Data Security
- Diagnostic and Statistical Manual of Mental Disorders (DSM)
- Electronic Clinical Records
- Evidence-Based Medicine (EBM)
- General Health Questionnaire
- Geographic Information Systems (GIS)
- Health Informatics
- Health Surveys
- Healthcare Cost and Utilization Project (HCUP)
- Healthcare Effectiveness Data and Information Set (HEDIS)
- Healthcare Informatics Research
- Measurement in Health Services Research
- Meta-Analysis
- Minimum Data Set (MDS) for Nursing Home Resident Assessment
- National Practitioner Data Bank (NPDB)
- ORYX Performance Measurement System
- Provider-Based Research Networks (PBRNs)
- Quality of Well-Being Scale (QWB)
- Randomized Controlled Trials (RCTs)
- Satisfaction Surveys
- Severity Adjustment
- Short-Form Health Surveys (SF-36, -12, -8)
- Outcomes of Care
- Policy Issues, Healthcare Reform, and International Comparisons
- Comparing Health Systems
- Competition in Healthcare
- Equity, Efficiency, and Effectiveness in Healthcare
- Focused Factories
- For-Profit Versus Not-for-Profit Healthcare
- Forces Changing Healthcare
- Health Disparities
- Healthcare Reform
- International Health Systems
- National Health Insurance
- National Healthcare Disparities Report (NHDR)
- Public Policy
- Rationing Healthcare
- Technology Assessment
- Public Health
- Quality and Safety of Care
- Accreditation
- Benchmarking
- Clinical Practice Guidelines
- Continuum of Care
- Credentialing
- Geographic Variations in Healthcare
- International Classification for Patient Safety (ICPS)
- Malpractice
- Medical Errors
- National Healthcare Quality Report (NHQR)
- National Patient Safety Goals (NPSG)
- Nursing Home Quality
- Patient Safety
- Patient-Centered Care
- Quality Enhancement Research Initiative (QUERI) of the Veterans Health Administration (VHA)
- Quality Improvement Organizations (QIOs)
- Quality Indicators
- Quality Management
- Quality of Healthcare
- Quality of Life, Health-Related (HRQOL)
- Quality-Adjusted Life Years (QALYs)
- Structure-Process-Outcome Quality Measures
- Timeliness of Healthcare
- Special and Vulnerable Groups
- Loading...
Get a 30 day FREE TRIAL
-
Watch videos from a variety of sources bringing classroom topics to life -
Read modern, diverse business cases
-
Explore hundreds of books and reference titles
Read next
More like this
Sage Recommends
We found other relevant content for you on other Sage platforms.
Have you created a personal profile? Login or create a profile so that you can save clips, playlists and searches