A Guide to US and UK healthcare user security compliance
User security in healthcare is complex, which is why regulations like HIPAA exist as guidelines for safeguarding patient data. But meeting these regulatory requirements is not simple in itself, and is by no means a guarantee of safety for your organisation.
This guide looks at the requirements of HIPAA, and the key NHS security guidelines in the UK, with regards to internal security. Check if you’re compliant with our Healthcare User Security Checklist.
Using research among healthcare workers in the UK and US, this guide also highlights the areas in which organisations could be doing better. The aim is to help you run not only a compliant healthcare organisation, but an all-round more secure one.
Research report
The report follows the narrative of a user’s employment, from what happens when they start, through the granular details of network access, to changing roles or leaving an organization.
-
Executive summary
A brief introduction to the main regulation sets in the US and UK and how healthcare organizations are complying with these regulations to protect patient data.
-
On-boarding new employees
Steps taken with new staff.
-
Security training, awareness and procedure
People-related processes to protect access to electronic protected health information.
-
Network access
Technology’s role in minimizing the risks from employees and decreasing the surface area vulnerable to attack.
-
Data access and necessity
Levels of access control needed to maintain the confidentiality of data records while ensuring prompt access for proper delivery of care.
-
Moving jobs or roles
Requirements to address access when employees move role or leave an organization.