Many companies that do business with health care providers are unprepared to comply with the strengthened health data protection rules included in the federal economic stimulus package, according to a new HIMSS Analytics survey, Healthcare IT News reports (Monegain, Healthcare IT News, 11/17).
HIMSS Analytics is the research arm of the Healthcare Information and Management Systems Society. The security vendor ID Experts sponsored the study.
For the study, HIMSS Analytics interviewed 150 hospital IT executives and 26 business associate firms.
Business associates contract with health care providers to provide services such as billing, claims processing, data analysis and practice management (Goedert, Health Data Management, 11/17).
Findings
Researchers found that about one-third of business associates are not aware that they need to comply with the HIPAA privacy and security regulations. About 87% of health care providers are aware that they must abide by the HIPAA rules.
The survey also found that:
- 90% of hospitals are working to change policies and procedures to prevent data breaches;
- 85% of health care providers plan to take steps to protect data held by business associates;
- 68% of hospitals said the stimulus package will lead to more data breach reporting; and
- 47% of hospitals said they would terminate a contract with a business associate that violated the data breach protection rules (Wagner, InformationWeek, 11/17).