Many of these institutions are not aware of their increased regulatory responsibilities and new guidelines are available to walk them through the compliance. “This is all about managing risk and to minimize the prospects of a beach,” said Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission. The public relations impact of a breach questions the respect for an organization, he added. Barrett spoke during the Medical Banking Boot Camp at HIMSS11 in Orlando. More news from the HIMSS11 Conference can be found at http://www.healthdatamanagement.com/himss
Among other issues, the guidelines identify the key players in organizations who need to be part of a financial organization’s compliance activities, and their responsibilities. These players include chief compliance officer/corporate sponsor, HIPAA privacy/security officer, business unit managers/HIPAA liaisons, the legal department, and marketing/product development.
Almost all of these key players also should be part of an organization’s HIPAA incident response team, Barrett said. Marketing could be exempted, but should be brought in if a breach occurs.
The guidelines are available at http://www.mbproject.org/arc_goldseal.php.
--Joseph Goedert
Be the first to comment on this post using the section below.