Independent accrediting agency URAC is seeking comments on draft revisions to its Health Insurance Portability and Accountability Act privacy and security standards.
The changes reflect requirements established in the American Recovery and Reinvestment Act of 2009, URAC said in its draft revisions. Under the law, business associates of covered entities will have to comply with security standards as well as additional privacy standards based on their access to electronic health information. URAC said updating its standards will help ensure accredited organizations meet the act's requirements.
Comments are due by Aug. 3, and the organization expects to have a final draft ready for its board of directors to review in October. URAC last updated its HIPAA-related standards in October 2008.