Healthcare

Healthcare firms, whether providers or payers (insurance firms), are subject to numerous compliance regulations. Outsourcing of business processes is a growing trend in healthcare, as providers and payers seek to streamline business processes and reduce costs. Outsourcing examples in healthcare include medical transcription services, billing services, clearinghouses, and payroll services.

The healthcare industry is subject to the Health Insurance Portability and Accountability Act (HIPAA) Security and Privacy rules. These regulations provide privacy rights and protection for healthcare consumers' protected health information (PHI, or EPHI for electronic information). In addition, the regulations are very specific regarding requirements for IT security. The HIPAA Security rule includes 74 specific requirements, spanning Administrative, Physical, and Technical Safeguards. The HIPAA Administrative safeguards specify that covered entities must perform risk assessments, manage security risks, and assess application and data criticality. They also require organizations to assess which of their business partners have access to the organization's EPHI, and to execute Business Associate Agreements with those partners, ensuring that each partner will appropriately safeguard the information. The Department of Health and Human Services administers the HIPAA regulations.

Beyond HIPAA, healthcare organizations may also be subject to compliance regulations such as SOX, FISMA, PCI, and GLBA, depending on whether they are part of a publicly traded organization, are a government healthcare entity, accept credit cards for payment of services, or store personal financial data on consumers in the course of their business.

While healthcare firms are not subject to audits by regulators, there are fines associated with HIPAA non-compliance. In addition, other negative consequences of non-compliance or of a public security breach apply, including brand damage and loss of market capitalization.

The ControlPath Compliance Suite can greatly benefit healthcare organizations struggling to adhere to the HIPAA Privacy and Security rules, helping them assess risk and manage their security program more effectively. ControlPath enables a single compliance and risk management process to ensure compliance with multiple regulations simultaneously. ControlPath increases the effectiveness and decreases the cost of compliance for healthcare providers and payers.

ControlPath Resources

Department of Health and Human Services

HIPAA Regulations and Related Links

Enterprise Management Associates: Second Generation Compliance Management Tools Deliver Automation

Hipaa.org

Workgroup for Electronic Data Interchange

ControlPath Press Releases

ControlPath Signs Three Fortune 100 Firms For Its Compliance Automation Suite

ControlPath Joins BITS, First Software Provider to Integrate SIG, AUP for Financial Institutions and Service Providers

ControlPath and Borderware Partner on Compliance

FirstAdvantage Selects ControlPath Compliance Management Tools

ControlPath in the News

IIA Journal: The Benefits and Challenges of Compliance Automation

IT Business Edge: ControlPath: Still Too Much 'Work' in Compliance

Network World: Progress slow on compliance front

SOX Compliance Journal: Graphical Modeler Saves Time & Money Deploying Compliance Management Software

ControlPath Events

POWER-GEN International Competitive Power College Course

IIA Seminar- Los Angeles Chapter

ISACA Los Angeles 2008 Spring Conference

ISACA Phoenix Chapter Meeting

Copyright ControlPath, Inc. 2006-08