Written by The HIPAA Security Rules applies to health providers and insurance companies that transmit protected health information in electronic format. The Department of Health and Human Services defines the regulations that apply to covered entities. The Security Rule stipulates the proper safeguards for protected health information relating to the confidentiality provisions of HIPAA. Physicians and Hospital more and more are adopting electronic medical records. It is essential for the organization to provide hipaa training to the information systems department. Many breaches of protected health information are caused by improper server configuration and unsecured files on a web server which is accessible to internet search engines or web bots crawling the web. Web-based EMR systems are much secured. It is almost unheard of that hackers have breached a HIPAA-compliant cloud based system. If you follow the same procedures that you use for online banking, there should be no problem.