Guidelines for HIPAA compliance in the works – Computerworld

Guidelines for HIPAA compliance in the works – Computerworld

Health care organizations looking for more information on how to comply with HIPAA security mandates may soon get more help.

URAC, a nonprofit accreditation agency for the health care industry, along with the Workgroup for Electronic Data Interchange and the National Institute of Standards and Technology, is developing guidelines for implementing HIPAA security policies.

The Healthcare Security Workgroup, which the three organizations created earlier this year, met in Washington last week to discuss how to consolidate industry best practices and security standards into a set of easily implemented instructions. The goal is to give organizations subject to the Health Insurance Portability and Accountability Act something they can use to ensure compliance with the law’s security requirements by the April 15, 2005, deadline, said Adam Stone, a member of the workgroup. The group aims to deliver the guidelines by the middle of next year.

“No standard measures exist in the health care industry” to implement HIPAA’s security requirements, Stone said. “One of the major problems with the rule is that it is so broad. There are a million different ways to approach it in terms of compliance.”

Getting these standards formalized is going to help make it a lot easier to figure out how to be HIPAA compliant.

Sorry, comments are closed for this post.