Four industry organizations have authored a white paper on how HITECH Act changes to the HIPAA privacy and security rules affect financial institutions.
The paper includes guidance in such areas as HIPAA's application and status, internal reporting infrastructure, risk analysis, technology systems, communications planning, workforce training and third-party compliance tools.
"Banks, revenue cycle management firms and other financial service firms that process protected health information must adhere to the HITECH Act's strict and sometimes complex standards for privacy, security and processing," says Lee Barrett, executive director of the Electronic Health Network Accreditation Commission.
ENHAC authored the paper along with representatives of the HIMSS Medical Banking Project, NACHA-The Electronic Payments Association and the Workgroup for Electronic Data Interchange. The paper is available here.