Paper Gives Health Privacy & Security Guidance for Financial Institutions

A new white paper from the Healthcare Information and Management Systems Society offers guidance for financial institutions to comply with HIPAA and HITECH privacy and security requirements.

The paper--developed by HIMSS Medical Banking Project, the Electronic Healthcare Network Accreditation Commission, NACHA – The Electronic Payments Association and the Workgroup for Electronic Data Interchange--is designed to aid in assessing an institution’s classification as a covered entity or business associate under HIPAA. It then gives recommendations for setting up compliance program governance, performing a risk audit, updating information systems, developing communication plans, and training the workforce.

Also tackled are setting up a compliance infrastructure that includes an internal reporting structure, and using independent third-party software and tools to assess compliance programs.

The white paper, “Compliance Guidelines for Financial Institutions in the Healthcare Sector: HITECH and the HIPAA Privacy and Security Rules,” is available at no cost here.