The paper--developed by HIMSS Medical Banking Project, the Electronic Healthcare Network Accreditation Commission, NACHA – The Electronic Payments Association and the Workgroup for Electronic Data Interchange--is designed to aid in assessing an institution’s classification as a covered entity or business associate under HIPAA. It then gives recommendations for setting up compliance program governance, performing a risk audit, updating information systems, developing communication plans, and training the workforce.
Also tackled are setting up a compliance infrastructure that includes an internal reporting structure, and using independent third-party software and tools to assess compliance programs.
The white paper, “Compliance Guidelines for Financial Institutions in the Healthcare Sector: HITECH and the HIPAA Privacy and Security Rules,” is available at no cost here.
Be the first to comment on this post using the section below.