SSRN Home Search and Download Papers Browse Abstract and Paper Submission Subscribe to Networks View Briefcase Top Papers Top Authors Top Institutions

 

Abstract

  
 

Footnotes (67)

Beta

 		 


 



Securing the HIPAA Security Rule

Sharona Hoffman
Case Western Reserve University - School of Law

Andy Podgurski
Case Western Reserve University


Journal of Internet Law, Spring 2007
Case Legal Studies Research Paper No. 06-26

Abstract:     
Both patients and health care providers have much to gain from the electronic processing of health data. Its advantages include speed, efficiency, and flexibility of information processing, which can result in long-term cost savings and improved patient outcomes. Unfortunately, many of the positive attributes of medical record computerization enable the operation of a market in illicitly-obtained private health information. The Internet provides a nearly ideal channel for trafficking in health information because it allows data to be transmitted anywhere in the world quickly, inexpensively, and with relatively little risk of detection.

The threat to data security associated with the electronic storage and transmission of health information is serious enough that it has merited regulatory intervention, which came in the form of the HIPAA Security Rule, promulgated as part of the HIPAA Privacy Rule on April 20, 2005. Based on a close reading of the Security Rule and on empirical evidence, we argue that the Rule has thus far fallen far short of fulfilling its goal of safeguarding the security of electronic health information. This article briefly describes the provisions of the Security Rule and then offers a critique of it. It details the Rule's major shortcomings, emphasizing the many ways in which it fails to provide meaningful compliance guidance to covered entities. The article also develops recommendations for revisions to the Rule, focusing on a proposed "best practices" standard.

Keywords: HIPAA, HIPAA Security Rule, Health Data, Data Security, Internet, Health Privacy

JEL Classifications: K23, K32

Accepted Paper Series

Date posted: December 26, 2006 ; Last revised: December 26, 2006

Suggested Citation

Hoffman, Sharona and Podgurski, Andy, Securing the HIPAA Security Rule. Journal of Internet Law, Spring 2007; Case Legal Studies Research Paper No. 06-26. Available at SSRN: http://ssrn.com/abstract=953670


Export to: Export Citation What's this?

Contact Information

Sharona Hoffman (Contact Author)
Case Western Reserve University - School of Law ( email )
11075 East Boulevard
Cleveland, OH 44106-7148
United States
216-368-3860 (Phone)
Andy Podgurski
Case Western Reserve University ( email )
10900 Euclid Ave.
Cleveland, OH 44106
United States
Feedback to SSRN (Beta)


Paper statistics
Abstract Views: 1,062
Downloads: 172
Download Rank: 52,216
Footnotes: 67

© 2010 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright
This page was served by apollo1 in 0.140 seconds.