Clarifying HIPAA data privacy, security standards

Is anyone else wondering how URAC’s recent revision of HIPAA privacy and security standards might affect the healthcare marketplace? The nonprofit accreditation organization—which based its revisions on provisions set forth in the HITECH Act—has extended all of the privacy and security standards to include “business associates” of covered healthcare organizations. It’s also edited the standards to clarify their intent, adding seven new standards in the process.

I know, I know: the industry very much needed clarification in this regard. But while it’s great to extend liability to include vendors and others that sell into and service the healthcare space, what about these seven new standards regarding data breaches?
 
As Infosecurity reports, “URAC defines a business associate as ‘a person or organization, other than a member of a covered entity's workforce, that performs certain functions or activities on behalf of, or provides certain services to, a covered entity that involve the use or disclosure of individually identifiable health information.’
 
“‘In addition, there are seven new standards about how to handle data breaches, including breach mitigation plans and impact analysis,’ (Christine Leyden, URAC chief accreditation officer) told Infosecurity. There are also new standards for health information exchanges, which enable the electronic transfer of healthcare information across organizations, she added.”
 
Don’t get me wrong: I’m a huge proponent of effective safeguards for patient data privacy and security, and I welcome the clarification along these lines. But there’s been a lot of industry chatter about innovation, too. And while I certainly don’t expect any of the established players in the healthcare space to back away from their plans to change the industry, I can’t help but wonder what effect additional breach rules might have on smaller or mid-sized companies, which may be eyeing healthcare as the next logical extension of their business model.
 
Then again, every game has its rules, and anyone looking to do business in healthcare should know as much going into it… What do you think?


Photo obtained from Real Tech Solutions.
