BWH is moving forward to comply with the regulations of the Health Insurance Portability and Accountability Act (HIPAA), which went into effect on April 14. The hospital plans to complete all steps over a two-year implementation period, as permitted in the detailed regulations.
The main focus of HIPAA is administrative simplification. The act was created to encourage organizational, process and technology change in order to reduce health care costs. The regulations standardize information exchanges and establish standards for the privacy and security of protected health information. There are three main components to HIPAA—transactions and code sets and unique identifiers, privacy and security.
Security and privacy regulations will be of particular importance and relevance to most BWH employees. Some of the security initiatives to be launched will include the development of an information security structure; general, network and application security policies; guidelines for “chain of trust” agreements with covered business partners; a security and awareness training program; a business impact analysis; and more.