HIPAA Privacy and Internet Standards to Cost Millions
Health care organizations have begun conforming to Internet privacy and standardization rules established by the Health Insurance Portability and Accountability Act of 1996, which will cost the industry billions of dollars, the Silicon Valley/San Jose Business Journal reports. By passing HIPAA, Congress set two goals: to introduce a national standard that would allow health care organizations to easily exchange electronic records and to ensure that "all medical information sent electronically" remains confidential. Toward these ends, the federal government in August released "format standards" for electronic records, and last month HHS introduced HIPAA's privacy regulations. Under the law, these regulations must be implemented within two years by "any organization that transfers patient medical information electronically." The U.S. Office of Management and Budget has estimated that HIPAA implementation will cost the health care industry roughly $3.8 billion over five years after the privacy standards are met, with costs resulting from technological upgrades and "hiring experts to maintain the evolving systems." The San Jose-based HMO Lifeguard recently installed a $28 million system "to allow medical providers to submit claims over the Internet." Holly McCann, the company's vice president and chief legal officer, said that Lifeguard "still has a lot of work to do on privacy," including ensuring that privacy standards are met in all contracts with providers. Still, she concluded, "It's costing a lot of money in the short term, but over time it should save us money" (May, Silicon Valley/San Jose Business Journal, 1/8).
This is part of the California Healthline Daily Edition, a summary of health policy coverage from major news organizations. Sign up for an email subscription.