Health Insurance Portability and Accountability Act (HIPAA) - Regulation for Health Care sector
HIPAA provides national standards to protect the privacy of personal health information. The U.S. Congress enacted HIPAA of 1996, Public Law 104-191, to improve the efficiency and effectiveness of the health care system. This included "Administrative Simplification" provisions that required HHS to adopt national standards for electronic health care transactions. Congress incorporated into HIPAA provisions that mandated the adoption of Federal privacy protections for individually identifiable health information.
HIPAA has brought about changes in healthcare transactions and administrative healthcare systems. Under HIPAA, an electronic signature is affixed to an electronic document to bind it to a particular party. All healthcare providers, health plans, public health authorities, healthcare clearinghouses, self-insured employers, life insurers, information systems vendors, various service organizations, and universities are covered / affected by HIPAA.
A HIPAA electronic signature secures the user authentication (proof of claimed identity) at the time the signature is generated; creates the logical manifestation of the signature (including the possibility for multiple parties to sign a document and have the order of application recognized and proven); supplies additional information such as time stamp and signature purpose specific to that user; and ensures the integrity of the signed document to enable transportability of data, interoperability, independent verifiability, and continuity of signature capability. Verifying a HIPAA electronic signature on a document verifies the integrity of the document and associated attributes and verifies the identity of the signer.
HIPAA includes a section, Title II, entitled Administrative Simplification, which requires:
- Improved efficiency in healthcare delivery by standardizing electronic data interchange.
- Protection of confidentiality and security of health data through setting and enforcing standards.
E-Lock digital signature solutions comply with the above-mentioned definition.
Digital Signature solutions provided by E-Lock are fully compliant with HIPAA and provide complete confidentiality, integrity and security to sensitive health data. The Digital Signature solutions can be integrated into the present infrastructure, enabling documents, forms, and reports to be signed digitally. The digitally signed documents/reports can be encrypted, assuring security, confidentiality and integrity and also ensuring non-repudiation.
- Standardization of electronic data related to patient’s health, administration and finance
- Unique health identifiers for individuals, employers, health plans and health care providers
- Security standards protecting the confidentiality and integrity of “individually identifiable health information,” past, present or future
JITC stands for Joint Interoperability Test Command. This certification is related to the US Department of Defense (DOD) interoperability requirements.
The JITC conducts testing of national security systems and information technology systems. It undertakes developmental, conformance, interoperability, operational and validation testing. JITC provides services to the Defense Information Systems Agency (DISA), the Department of Defense (DOD), combatant commands and other federal agencies and commercial vendors.
E-Lock Digital Signature solutions are compliant with the JITC (certification by US DOD). Presently Robins Air Force Base uses the JITC compliant E-Lock ProSigner to streamline the procurement process making it completely paperless and secure.
21 CFR Part 11 is a regulation that enables the use of electronic records and signatures in all companies regulated by the FDA. The regulation covers any process that is regulated by the FDA and influences the pharmaceutical organizations, biomedical industries and food manufacturers.
FDA's 21 CFR Part 11, released in 1997, made electronic records and signatures as valid as paper records and handwritten signatures. It allows the use of electronic record-keeping systems in complying with regulations. Part 11 (also known as "Electronic Records; Electronic Signatures" or ERES) refers to any FDA regulation that requires organizations to maintain records.
The Sarbanes-Oxley Act (SOX), also known as the Public Company Accounting Reform and Investor Protection Act, is a US Federal law passed in 2002. The legislation is wide ranging and establishes new or enhanced standards for all U.S. public company boards, management, and public accounting firms. There are no direct laws or regulations specifying standards for use of electronic documents, records or signatures.
To comply with the Sarbanes-Oxley Act, public companies are expected to ensure that the electronic records and systems they use provide sufficient security in light of the potential risk of fraud. Under SOX compliance, the majority of internal procedures that have financial impact have to be verified by internal and external auditors as applicable.