How does HIPAA impact information technology in health care organizations? I need a comprehensive approach, please.
The impact of HIPAA on information technology in health care organizations:
In today’s hacker-crazed society, finding ways to protect patient data on the Internet is a top priority for healthcare providers. Hospitals, healthcare professionals and companies are investing millions of dollars in security systems to protect patient data. When security breaches occur, these entities can be forced to pay millions of dollars to settle patient data disputes and lawsuits.
In 1996, the federal government imposed a national policy known as
the Health Insurance Portability and Accountability Act, or HIPAA,
to protect the confidentiality of personal health data and
information, and instituted a minimum set of guidelines to increase
security measures. The HIPAA Security Rule was established as a set
of national security standards for the protection of all electronic
protected health information that covered entities and their
business associates create, receive, maintain or transmit.
The goal of the security rule is to help health care providers
avoid some of the common security gaps that could lead to a
cyber-attack and data loss, according to the Office of the National
Coordinator for Health Information Technology.
An effective HIPAA compliance plan should include Internet
applications and files to protect patient data, and to make it
difficult for hackers to gain access.
With more medical professionals using personal mobile devices to
communicate and collaborate on patient concerns, it is important
that healthcare organizations address the use of technology and
HIPAA compliance.
The Security Rule lists a series of specifications for
technology to comply with HIPAA. These include:
• All Protected Health Information (PHI) must be
encrypted at rest and in transit.
• Each medical professional authorized to access and
communicate PHI must have a “Unique User Identifier” so that their
use of PHI can be monitored.
• The use of any technology to comply with HIPAA must
have an automatic log off to prevent unauthorized access to PHI
when a mobile device is left unattended (this also applies to
desktop computers).
There are so many specifications for the use of technology and
HIPAA compliance. Let's look at the following points:
Issues with Encryption
The reason why encryption is so important is that, if a breach of
PHI occurs, any data that is acquired will be unreadable,
undecipherable and unusable. Although mechanisms exist to encrypt
messages sent by SMS, Skype, etc., every user within a healthcare
organization must be using the same operating system and have the
same encryption/decryption software in order for the mechanisms to
be effective.
Monitoring Authorized Users
Whatever mechanism for the use of technology and HIPAA compliance
is chosen by a healthcare organization, it has to have a system
whereby access to and the use of PHI is monitored. This is not only
due to making sure that authorized users are complying with secure
messaging policies (a requirement of the HIPAA administrative
safeguards), but also to conduct risk assessments (a requirement of
the HIPAA audit protocol).
Automatic Log Offs
Automatic log offs are an essential security feature for mechanisms
introduced to comply with HIPAA. Most commercially available
text-messaging apps, Skype, etc. have a log off feature,
but how many people use them? The automatic log off requirement
ensures that if a mobile device or desktop computer is left
unattended, the user will be disconnected from the technology to
comply with HIPAA in order to prevent unauthorized access to PHI by
a third party.
The Right Technology to Comply with HIPAA Has Its Advantages
The correct use of technology and HIPAA compliance has its
advantages.
Specific areas that have benefitted from the introduction of
technology to comply with HIPAA include:
• On-call physicians, first responders and community
nurses can communicate PHI on the go using secure texting.
• Images, documents and videos can be attached to
secure text messages, which can then be used at distance to
determine accurate diagnoses.
• Secure texting can be used to streamline the
administration process of hospital admissions and discharges –
significantly reducing patient wait times.
NOTE: PHI stands for Protected Health Information.