CYBERSECURITY IN HEALTHCARE: SECURING PATIENT HEALTH INFORMATION (PHI), HIPPA COMPLIANCE FRAMEWORK AND THE RESPONSIBILITIES OF HEALTHCARE PROVIDERS
DOI:
https://doi.org/10.60087/jklst.vol3.n3.p.278-287Abstract
Healthcare industry is major target for cyberattacks, making the protection of public health information (PHI) and Personal Identifiable Information (PII) a prime issue. In this digital era, with health organizations shifting to electronic health records and telemedicine, they are facing a major cybersecurity attack such as ransomware, phishing, and data breaches. These attacks compromise patient privacy, pose serious risks to patient safety, and hinder healthcare operations. The Health Insurance Portability and Accountability Act (HIPAA) provides a comprehensive compliance framework to protect PHI, wherein health providers shall undertake administrative, physical and technical safeguards. Despite these regulations, many healthcare providers struggle with achieving and maintaining HIPAA compliance due to limited resources, outdated technologies, and the rapidly evolving nature of cyber threats. This paper explores the HIPAA compliance framework, examining the specific responsibilities of healthcare providers to secure PHI. Key measures taken include periodic analysis of risks, establishment of encryption and access control systems, and comprehensive employee training to minimize risks of cyber-attacks. The study highlights that there is a growing need for healthcare providers to adopt proactive, adaptive cybersecurity strategies to deal with emerging threats. By following HIPAA regulations and updating security practices continuously, healthcare providers can protect the PHI, ensure regulatory compliance and safeguarding patient trust. The findings emphasize the role of adhering to regulation and innovation both in managing cyber risks for the healthcare sector.
Downloads
References
Alvarado, L. (2018). Securing Patient Health Information in the Age of Cybersecurity Threats. Journal of Healthcare Information Security, 10(3), 45-53. Retrieved from https://www.jhis.org/article/securing-patient-health-information
Egelman, S., & Cranor, L. (2019). Challenges in Healthcare Cybersecurity: The Role of Human Error in HIPAA Compliance. Journal of Health Policy and Technology, 8(1), 15-27. https://doi.org/10.1016/j.hlpt.2019.04.002
Fernández-Alemán, J. L., Señor, I. C., Lozoya, P. Á. O., & Toval, A. (2013). Security and privacy in electronic health records: A systematic literature review. Journal of Biomedical Informatics, 46(3), 541-562. https://doi.org/10.1016/j.jbi.2012.12.003
Garg, V., Brewer, B. B., & Damico, P. J. (2013). Implementation of HIPAA regulations in healthcare organizations. Journal of Healthcare Management, 58(5), 328-340. https://doi.org/10.1097/00115514-201309000-00006
Gordon, W. J., Fairhall, A., & Landman, A. (2019). Threats to Information Security — Public Health Implications. The New England Journal of Medicine, 380(1), 23-26. https://doi.org/10.1056/NEJMp1815505
Abbasi, N., & Hussain, H. K. . (2024). Integration of Artificial Intelligence and Smart Technology: AI-Driven Robotics in Surgery: Precision and Efficiency. Journal of Artificial Intelligence General Science (JAIGS) ISSN:3006-4023, 5(1), 381–390. https://doi.org/10.60087/jaigs.v5i1.207
HIPAA Journal. (2014). Community Health Systems reaches $5 million settlement for lawsuit over 2014 data breach. Retrieved from HIPAA Journal, https://www.hipaajournal.com/healthcare-data-breach-statistics/
McLeod, A., & Dolezel, D. (2018). Cyber-Analytics: Risks for HIPAA Violations in the Healthcare Cloud. Health Policy and Technology, 7(4), 389-396. https://doi.org/10.1016/j.hlpt.2018.08.002
Modern Healthcare. (2019). Premera Blue Cross settles for $10 million in multistate investigation over 2015 data breach. Retrieved from Modern Healthcare
Perakslis, E. D. (2019). Cybersecurity in Health Care. Journal of the American Medical Association (JAMA), 321(12), 1141-1142. https://doi.org/10.1001/jama.2019.0284
Reddy, S., & Rein, A. L. (2018). HIPAA Compliance Challenges in an Evolving Cyber Threat Environment. Health Affairs, 37(7), 1082-1089. https://doi.org/10.1377/hlthaff.2018.0140
Rights, O. F. C. (2022, October 19). Summary of the HIPAA Privacy Rule. HHS.gov. https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html
Shou, C. D., & Li, M. (2020). Cybersecurity Risks and HIPAA: Strategies for Securing Electronic Health Records. Journal of Health Information Technology, 9(2), 58-65. Retrieved from https://www.jhit.org/article/cybersecurity-risks-and-hipaa
Snell, E. (2021). Healthcare Cybersecurity Trends: Increasing Threats, HIPAA Compliance, and Patient Safety. Journal of Cybersecurity & Privacy, 12(3), 75-88. https://www.jcybersecprivacy.org/article/increasing-threats-hipaa-compliance
Wall, A., & Kee, D. (2019). Improving HIPAA Compliance with Modern Security Practices: Challenges and Opportunities. Health Information Management Journal, 48(2), 74-80. https://doi.org/10.1177/1833358319845041
Yaraghi, N., & Gopal, R. D. (2018). The Role of HIPAA in Securing PHI: A Critical Analysis. Journal of Management Information Systems, 35(2), 408-432. https://doi.org/10.1080/07421222.2018.1451965
Downloads
Published
Issue
Section
License
Copyright (c) 2024 Journal of Knowledge Learning and Science Technology ISSN: 2959-6386 (online)
This work is licensed under a Creative Commons Attribution 4.0 International License.
©2024 All rights reserved by the respective authors and JKLST.