Does the SHIELD Act apply to health Information, HIPAA-covered entities?
Covered entities and business associates who must follow the privacy and security rules issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) need to be aware of the SHIELD Act. If you are considered to be a HIPAA-covered entity or compliant with HIPAA, you will have satisfied the data security requirements and recommendations under the SHIELD Act. However, this does not mean that you are exempt from the SHIELD Act. HIPAA and the SHIELD Act work together to ensure that data breaches are reported, and patient information is kept secure.
The SHIELD Act does not apply to health information, it does, however, apply to “private information”. When HIPAA requires notification of a breach to the Secretary of Health and Human Services and to affected individuals, the breaching entity, under the SHIELD Act, must also notify the New York State Attorney General of the breach within 5 business days. However, in this situation, the SHIELD Act does not require that affected individuals be notified. This is because HIPAA already imposes that requirement.
What is the New York SHIELD Act?
The Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) was implemented by New York State. This protects and regulates the data security and “private information” of New York State residents. Any person or business which owns or licenses computerized data of a New York State resident must implement and maintain reasonable safeguards to protect the security, confidentiality, and integrity of that data.
Are you SHIELD and HIPAA compliant?
At Globalquest, we partner with our customers to educate, plan, implement and support information technology. We also understand the New York SHIELD Act and HIPAA compliance. We can help you develop a system that will protect your customer’s private information, protects your organization’s continuity, and keeps you SHIELD and HIPAA compliant. We are here to help our clients optimize business performance, reduce operating costs, improve productivity, increase reliability, enhance security, and reduce risk. Reach out to us today for more information.