According to HHS estimates, the healthcare industry will spend $3.8 billion complying with privacy provisions enacted by the Health Insurance Portability and Accountability Act of 1996. As organizations prepare to implement HIPAA's aggressive regulations, many administrators are evaluating what financial and other steps to take.
"Those who have read the draft regulations on security and the final regulations on privacy know there's some overlap," says William Sheffel, business development manager of healthcare at Veritect, a Reston Va.-based consulting and network security firm. "As each one of these regulations has been released, people are trying to get organized to begin addressing this issue now and in the future."
In his HFMA seminar, "HIPAA Privacy and Security Issues," set for 2: 45 p.m. to 4: 45 p.m., Tuesday, June 19, Sheffel will outline key information security requirements in HIPAA to evaluate the merits of internally managing and maintaining compliance compared with outsourcing key portions of the security and privacy requirements.
The presentation, which is targeted at compliance officers, information technology staff and financial managers at the operational and advanced level, will also address how administrators can establish a baseline for tracking their compliance progress.
"One of the things that seems to be true of the regulations right now is that they are going to be living regulations that will change over time," Sheffel says. "So (administrators) need to build a knowledge base in terms of how they got to where they are and understand what their baseline is so they can take steps to improve their baseline."
In examining the processes administrators must employ to meet HIPAA standards, Sheffel says, financial managers in particular will be interested in the pros and cons of outsourcing as opposed to adding staff to meet the new federal requirements.
He says for some organizations outsourcing could be more cost-efficient for meeting HIPAA standards. In fact, he says he sees outsourcing as a growing trend among administrators who are internally managing and maintaining compliance.