HIPAA and FERPA are federal laws that are used to regulate how data can be disclosed. These two acts may be similar, but they each apply to different businesses. If either HIPAA or FERPA applies to your business, it’s important to be Certified. If you are not Certified and don’t follow the proper regulations, you can face hefty fines, suspensions, lawsuits, revocation of funding, and negative attention surrounding your business.
What Does HIPAA Cover?
HIPAA (Health Insurance Portability and Accountability Act) covers businesses that focus on healthcare information. HIPAA takes part in all personally identifiable information about a patient that is stored byan organization, and requires healthcare businesses to do the following:
- Protect Patient Data: Limit access to personal health information (PHI). The patient, caregiver, and anyone the patient allows (such as family) are the only people allowed to access their PHI.
- Keep Patient Information Secure: Physical records should be locked away and online information should be encrypted with the appropriate security measures in place.
- Patients Can Access Information Upon Request: All patient information must be kept and easily accessible in case they want to review it.
What Does FERPA Cover?
FERPA (Family Educational Rights and Privacy Act) applies to both public and private schools, as well as post secondary institutions. FERPA regulates all student records, including any medical care that takes place at school, and requires schools to do the following:
- Protect All Information in Student’s Record: Student’s grades, medical records, disciplinary actions and general personal information all need to be protected.
- Allow Legal Guardians Control Over Student’s Information Until They are 18: Before sharing any information to an outside party, you must get permission. Parents whose children are over 18 must also get permission.
- Be Clear on Who FERPA Applies to: It covers all previous and current enrolled students at your school.
Do You Meet HIPAA/FERPA Compliance Regulations?
If You Are Unsure, Here’s How CATS Technology Solutions Group Can Help:
At CATS Technology Solutions Group, we have many Technicians who are Certified and have the ability to make sure our clients meet HIPAA/FERPA Compliance, while also maintaining knowledge on the latest standards, rules, and best practices.
We will start by conducting a security risk assessment, where the client can view their security and network risks. We will then implement a remediation plan and work with the client to minimize risk and meet HIPAA/FERPA regulations. We will continue to run network and security scans to provide quarterly reports and work with the client to verify that they stay in compliance.
3 Step Approach to HIPAA/FERPA Compliance:
- Network and Security Scans and Reports
- Remediation Phase to Meet Regulations
- Continuous Compliance with our HIPAA/FERPA Compliant Manager IT Services
CATS Technology Solutions Group understands that compliance is not an easy task, but will be able to assist you from start to finish to make it as easy as possible. Call us! 732-204-7100