Healthcare security compliance predictions for 2014

PORTLAND, USA: 2013 was a dizzying year for healthcare compliance: the Affordable Care Act, enforcement of the HIPAA Omnibus Final Rule, and ongoing investigations by the Office for Civil Rights (OCR). ID Experts asked healthcare compliance, privacy, and security officers to share their predictions and wish lists for a smoother, more compliant 2014.

Predictions:

• Increased reporting and government enforcement of privacy and security rules.

• More work, higher expectations and no new staff.

• Auditing will intensify.

• More regulations, not new ones. many CEOs and board members resigning because of the new accountability. Compliance officers will be on their own.

• Budget, staff, training, audit help, and software top compliance, privacy, and security officers' wish lists to better manage current programs (complete list here):

• The compliance fairy sprinkling compliance dust and all employees follow the rules. If they don't, they would disappear.

• More staff, proactive access audit software.

• More training; more resources to fund audit trips.

• A new position to be funded: someone to develop privacy training, be the first contact for questions, and assist in the review and investigation of complaints.

 

According to Dr. Cris V. Ewell, chief information security officer at Seattle Children's Hospital:""My wish for my compliance peers is that they have a process and get a tool for managing incidents. RADAR takes the guess work out of risk assessments and helps us systematically review the incidents and stay compliant with the changing laws. Our patients' health and well-being are of utmost importance to us. So is the security and privacy of their information."