The Healthcare Information and Management Systems Society has released a white paper that offers guidance for financial institutions seeking to comply with HIPAA and HITECH privacy and security standards, Health Data Management reports.
Details of White Paper
The paper -- titled, "Compliance Guidelines for Financial Institutions in the Healthcare Sector: HITECH and the HIPAA Privacy and Security Rules" -- was developed by:
- The HIMSS Medical Banking Project;
- The Electronic Healthcare Network Accreditation Commission;
- NACHA -- The Electronic Payments Association; and
- The Workgroup for Electronic Data Interchange.
The paper aims to help financial institutions determine whether they are considered covered entities or business associates under HIPAA.
Recommendations
For organizations that are considered covered entities or business associates, the paper offers recommendations for:
- Establishing compliance program governance;
- Performing a risk audit;
- Updating information systems;
- Setting up communication plans; and
- Training employees (Goedert, Health Data Management, 8/21).