HIPAA and Meaningful Use and Windows XP

Posted on by

Does the Security Rule mandate minimum operating system requirements for the personal computer systems used by a covered entity?

Answer: No. The Security Rule was written to allow flexibility for covered entities to implement security measures that best fit their organizational needs. The Security Rule does not specify minimum requirements for personal computer operating systems, but it does mandate requirements for information systems that contain electronic protected health information (e-PHI). Therefore, as part of the information system, the security capabilities of the operating system may be used to comply with technical safeguards standards and implementation specifications such as audit controls, unique user identification, integrity, person or entity authentication, or transmission security. Additionally, any known security vulnerabilities of an operating system should be considered in the covered entity’s risk analysis (e.g., does an operating system include known vulnerabilities for which a security patch is unavailable, e.g., because the operating system is no longer supported by its manufacturer).

OUR ALLIANCE PARTNERS

THE BENEFITS OF BECOMING A
BREAKTHROUGH COACHING PARTNER

As a leader in the Chiropractic profession, BTC has been extremely selective in forming its group of alliance partnerships. We encourage you to visit our partner's websites and to utilize their services and products. When you become a Member of Breakthrough Coaching you become part of a special "family" unlike any other in the Chiropractic Profession.


Practice Analysis Survey.

Let us analyze your practice today!

GET STARTED NOW
[email protected]
FREE GUEST TOUR Friend Us on Facebook Follow Us on Twitter Follow Us on LinkedIn