Challenges of Implementing Privacy Policies Across the Globe
Published in Ahmed Elngar, Ambika Pawar, Prathamesh Churi, Data Protection and Privacy in Healthcare, 2021
The Health Insurance Portability and Accountability Act (HIPAA) was signed into effect in 1996. The main purpose of HIPAA was to ensure patients’ healthcare data privacy, the security of electronic records, administrative ease and insurance portability [8]. It provides detailed instructions for handling and protecting personally identifiable data. These instructions may include access control mechanisms in the form of passwords and PINs, encryption of stored information so that only users who hold the “key” can decrypt it, and an audit trail feature that records who accessed the data, what changes were made and when. HIPAA gives users rights over their healthcare information, including the right to obtain a copy of their information, to make sure it is correct and to know who has seen it [10]. HIPAA regulations must be followed by certain covered entities, which include health insurance companies, HMOs, company health plans and healthcare providers such as doctors, clinics, hospitals, psychologists, chiropractors, nursing homes, pharmacies and dentists, as well as business associates of covered entities, such as outside lawyers, accountants and IT specialists, and companies that store or destroy medical records. HIPAA includes the following key points related to healthcare data protection:
A Taxonomy of e-Healthcare Techniques and Solutions: Challenges and Future Directions
Published in Ranjeet Kumar Rout, Saiyed Umer, Sabha Sheikh, Amrit Lal Sangal, Artificial Intelligence Technologies for Computational Biology, 2023
Dev Arora, Amit Dua, Umair Ayub
In the USA, the Health Insurance Portability and Accountability Act (HIPAA) states a penalty of US $1.5 million per data breach incident. It also states that the impacted individuals have to be informed within 60 days of the breach event. If more than 500 people are affected by the breach, the healthcare provider must report it to the US Department of Health and Human Services (HHS) and the US media, who then publish it online [39]. Figure 3.7 reflects the increase in the number of healthcare data breaches in the US from 2015 onward. There is an 89% increase in data breaches in the past 5 years. Thus, healthcare organizations must improve their privacy measures for the sensitive healthcare data they possess.
Healthcare information security and assurance
Published in Abbas Moallem, Human-Computer Interaction and Cybersecurity Handbook, 2018
Ulku Yaylacicegi Clark, Jeffrey G. Baltezegar
The HIPAA privacy rule establishes national standards to protect individuals’ medical records and other PHI and applies to health plans, healthcare clearinghouses, and those healthcare providers that conduct certain healthcare transactions electronically. The rule requires appropriate safeguards to protect the privacy of PHI and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records and to request corrections.
When AI Is Wrong: Addressing Liability Challenges in Women’s Healthcare
Published in Journal of Computer Information Systems, 2022
The first area to audit is liability. Even though AI algorithms themselves cannot be held liable, the company designing and deploying algorithms must comply with relevant laws and regulations. Given the potential applications of AI in healthcare, AI developers should be familiar with specific compliance requirements, such as those of the Health Insurance Portability and Accountability Act (HIPAA).53 HIPAA is US legislation passed in 1996 that safeguards electronic data, including patient health information.54 Although HIPAA generally applies to insurance companies, hospitals, and health organizations, developers may also be subject to this regulation depending on their interactions with health organizations and whether electronic patient health information is accessible. The European Union also recognizes regulations as critical to the development of AI technologies that users can trust. The General Data Protection Regulation (GDPR) is among the first to consider algorithmic decision-making’s impacts on the “fundamental rights and freedom of natural persons” and to tackle possible AI abuses.46 In addition, a necessary liability verification also involves identifying the roles and responsibilities within the AI data lifecycle.55 For example, if a company uses external consultants, it must verify whether they have sufficient knowledge and meet the requirements to handle AI data.