Background

SECURETexas is the first state program of its kind in the country offering privacy and security certification for compliance with state and federal laws that govern the use of protected health information (PHI).

The program, managed by the Texas Health Services Authority (THSA) in conjunction with industry collaborative Health Information Trust Alliance (HITRUST), offers individuals and entities involved in the use of PHI an affordable and officially sanctioned process to ensure they have recognized protections in place.

SECURETexas was created as a result of amendments to the Texas Medical Records Privacy Act and the THSA’s enabling statute in 2011. House Bill 300 (82nd Texas Legislature, 2011) directed the THSA to develop and submit privacy and security standards for the electronic sharing of protected health information to the Texas Health and Human Services Commission. Those standards are designed to comply with HIPAA, the Texas Medical Records Privacy Act, and any other state and federal law relating to the security and confidentiality of information electronically maintained or disclosed by a covered entity.

The standards further ensure the secure maintenance and disclosure of personally identifiable health information, include strategies and procedures for disclosing personally identifiable health information, and support a level of system interoperability with existing health record databases in Texas that is consistent with emerging standards.

THSA selected HITRUST for the development and implementation of the privacy and security certification program. HITRUST is an industry leader in the certification of compliance with medical security law and expanded its offering to include privacy law in 2014. HITRUST’s existing system made for a strong foundation for SECURETexas.

Did you know?

According to the U.S. Department of Health and Human Services, HIPAA violations affecting 500 or more records are up 138 percent since 2012.