Health Care Industry                  Today’s health care industry faces a complex array of new security and privacy issues. Driven largely by the Health Insurance Portability and Accountability Act (HIPAA) of 1996, physicians, specialists, clinicians and hospital administrators are feeling the pressure to improve the overall security of protected health information (PHI). HIPAA was enacted by Congress to standardize and automate the processing of health insurance transactions, as well as to establish Privacy and Security standards that would safeguard the confidentiality of PHI. HIPAA will affect all “Covered Entities”, including health plans, health care clearinghouses, providers who conduct electronic HIPAA transactions and “Business Associates”, as defined. Health care organizations must be in compliance with HIPAA regulations for Privacy by April 13, 2003 to avoid substantial penalties associated with the new regulation. Proposed Security rules are still being completed, but are expected to be required in the near future. Requirements anticipated under this portion of the regulation include the evaluation and certification of the security and stability of physical and electronic record keeping systems; minimum standards for physical security, data protection and electronic network practices. Vendors who use or receive PHI, called “chain of trust partners”, must also provide contractual assurances that they will maintain the confidentiality of the data and comply with applicable restrictions. NOW is the time to prepare your security infrastructure for these regulatory requirements. DRG can help! DRG, a leading provider of Information Security technology services, specializes in practical security solutions for Protected Health Information. Industry leaders from health care and government agencies rely on us for our security expertise. DRG is your partner for health care security success. How DRG can help with your Health Care Security requirements: • Understand the scope and impact of HIPAA’s Privacy and Security regulations to the security requirements of your organization • Provide Security Assessment services that measures your infrastructure against HIPAA regulations • Define an Information Security program and policies that will fully comply with tough new HIPAA regulations • Implementing a plan? We can help you answer “what to do first and how” • Finally, we work with you to Implement your HIPAA Compliance Plan For more information on the types of security services HIPAA can provide, download our PDF file, or contact us.