Policies, Procedures, and Devices Used by U.S. Hospitals for HiPAA Privacy and Security Compliance

Authors

Diane C. Davis, Southern Illinois University
Jeff Squibb, Southern Illinois University

Abstract

The purpose of the study was to identify the policies and procedures required in U.S. hospitals to meet the requirements of the Health Information Portability and Accountability Act (HIPAA). A major aspect of the study focused on the degree of change required to meet the security standards and on the types of security devices used by the hospitals. Findings from a survey of 286 U.S. hospitals found the greatest amount of change needed to meet HIPAA security compliance were changes resulting in increased Information Systems (IS) budget requirements, changes to network monitoring, and additional hiring in the IS department.

Recommended Citation

Davis, Diane C. and Squibb, Jeff (2004) "Policies, Procedures, and Devices Used by U.S. Hospitals for HiPAA Privacy and Security Compliance," Communications of the IIMA: Vol. 4: Iss. 2, Article 7.
DOI: https://doi.org/10.58729/1941-6687.1246
Available at: https://scholarworks.lib.csusb.edu/ciima/vol4/iss2/7