Sunday, February 28, 2010

Start ARRA Awareness Training Now

By Mark Brousseau

If they haven’t done so already, companies in the healthcare space should conduct organizational awareness training on ARRA and HITECH, Mary Rita Hyland, AVP, regulatory affairs, The SSI Group, Inc., told attendees at the Medical Banking Project Boot Camp at HIMSS10 this afternoon.

Organizations also should conduct a HIPAA and HITECH gap analysis to identify any products, procedures and services that need to be updated and modified, Hyland told attendees. As part of this exercise, organizations need to identify and coordinate technical or product updates, as well as coordinate and implement policy and procedural updates. “Operationally, ensuring compliance with HITECH’s security and privacy provisions is, to a large degree, an IT function,” Hyland noted.

Once they’ve reviewed their systems, policies and procedures, organizations need to audit and assess their compliance. “You don’t want to wait for an audit to be done on you by a whistleblower or someone else in the industry who doesn’t believe you are in compliance,” Hyland warned. “Audits are going to be important in meeting the guidelines and maintaining your compliance.”

No comments: