MUSC Medical Links Charleston Links Archives Medical Educator Speakers Bureau Seminars and Events Research Studies Research Grants Catalyst PDF File Community Happenings Campus News

Return to Main Menu

HIPAA Security Rule: Protect electronic health information

by Mike Wheeler
University Privacy Officer
The HIPAA (Health Insurance Portability and Accountability Act) Security Rule was implemented on April 20. Basically, this federal law requires MUSC to perform actions necessary to protect the confidentiality of identifiable health information stored, held, transmitted or used in an electronic format (on a computer or network server). 
 
Any electronic patient or research subject identifiable health information (for example, a spreadsheet or database with personal identifiers) is under the cognizance of the HIPAA Security Rule. One of the first steps in implementing this new federal law is to identify all spreadsheets or databases containing patient or research subject identifiable health information. 
 
MUSC established a Web site to register these spreadsheets or databases containing patient or research subject identifiable health information. These spreadsheets and databases containing identifiable health information can be registered at the following site (from the MUSC home page): sysreg.musc.edu (do not use http:// or www.)
 
Please register spreadsheets or databases containing patient or research subject identifiable health information. 
 
However, if the patient or research subject health information is completely de-identified, the spreadsheet or database does not require registration. 
 
For health information to be consider de-identified, the following identifiers are removed: names; all geographic subdivisions smaller than a state; all elements of date (except year) for dates directly related to an individual; telephone numbers; fax numbers; e-mail addresses; social security numbers; medical record numbers; health plan beneficiary numbers; account numbers; certificate/license numbers; vehicle identifiers and serial numbers including license plate numbers; device identifiers and serial numbers; Web Universal Resource Locators (URLs); Internet Protocol (IP) address numbers; biometric identifiers including finger and voice prints; full face photographic images and any comparable images; and any other unique identifying number, characteristic, or code.
 
In addition, please do not register any spreadsheet or database stored on a Veterans Affairs (VA) network server or VA computer.
 
If you have any questions or need information, e-mail wheelerm@musc.edu. 
   

Friday, Aug. 5, 2005
Catalyst Online is published weekly, updated as needed and improved from time to time by the MUSC Office of Public Relations for the faculty, employees and students of the Medical University of South Carolina. Catalyst Online editor, Kim Draughn, can be reached at 792-4107 or by email, catalyst@musc.edu. Editorial copy can be submitted to Catalyst Online and to The Catalyst in print by fax, 792-6723, or by email to petersnd@musc.edu or catalyst@musc.edu. To place an ad in The Catalyst hardcopy, call Community Press at 849-1778.