|
New Jersey
Substance Abuse Monitoring Systems (NJ-SAMS)
Data Security
Substance abuse treatment providers in New Jersey and other states must comply with federal law regarding
the confidentiality and security of health information. All substance
abuse treatment programs receiving federal funds directly or indirectly are subject to 42 CFR Part 2
and most are subject to the HIPAA Privacy Rule.
The
implementation of HIPAA will require all of us who use and transmit
health information to review our policies and procedures to insure
compliance with existing and new regulations. For those of us who work with substance
abuse patients, the regulations on the use of health data introduced
by HIPAA are not significantly more restrictive than the requirements
of 42 CFR Part 2. Protecting patient confidentiality is and has been a high priority, as
well as the law for substance abuse providers. HIPAA does, however, directly address
the privacy issues involved in "electronic transmissions" which are
not explicitly covered in 42 CFR Part 2.
NJ-SAMS, the web based
treatment reporting system being implemented by the Division of Addiction
Services, has been developed with a strong emphasis on
the security of transactions.As required by HIPAA, two levels
of login and password protect all access to the web forms and
data is encrypted and sent via secure web pages between the
treatment provider's computer and the NJ-SAMS web server. Information transmitted from the web server
to the local site is encrypted as well. The NJSAMS servers
are protected by a firewall that monitors every transaction and protects the database from hackers, viruses, and
other illegal access. The MS SQL database provides another level of security to limit access to
records and fields to only those users with defined
rights to view data. NJ-SAMS provides the ability to delete personal identifiers for those patients who do
not permit the transmission of these identifiers to NJ-SAMS. No data is transferred
to another treatment program without an indicator in NJ-SAMS that the provider has obtained
the signed consent of the patient.
We hope that this information helps you understand the changes introduced by HIPAA relating to patient
records generated in the substance abuse treatment process and the security
measures implemented in NJ-SAMS. |