RE: [ISN] Navigating the HIPAA Hype

From: InfoSec News (isnat_private)
Date: Wed Jun 13 2001 - 20:32:32 PDT

Next message: InfoSec News: "[ISN] Security UPDATE, June 13, 2001"

Previous message: nemoat_private: "Re: [ISN] Pentagon Reverses Order to Destroy Old Hard Drives"
Maybe in reply to: InfoSec News: "[ISN] Navigating the HIPAA Hype"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded by: joel garmon <jgarmonat_private>

I have a pretty good background in computer security and have been
dealing with HIPAA for almost 2 years now.  I agree that the security
portion is not rocket science and are things that we should be doing
now anyway.  The good thing about HIPAA is that I can say "Look, it is
not just me stating this, it is now the law." when I want to get
things done.

The real impact to organizations dealing with HIPAA is the privacy and
transactions rules -- and they ARE final.

joel garmon


From 
http://networkcomputing.com/1212/1212colshipley.html

June 11, 2001
By Greg Shipley 
..
When I started investigating the Health Insurance Portability and
Accountability Act (HIPAA), I was intrigued; HIPAA seemed to be one of
the first real steps in the right direction. But anyone who's worked
with the regulations will tell you: HIPAA has ruffled feathers. Its
scope will touch organizations both large and small, and a number of
deep-rooted problems will need fixing. Of course, if pain proves
profitable, you'll find businesses there to capitalize on it. Over the
past 12 months I've been bombarded by news releases rambling on about
HIPAA offerings: compliancy checks, audits, industry-expert
availability and a variety of other HIPAA-related services. Accounting
firms, consulting houses and other vendors are all looking to get a
piece of the chaos, uh, I mean, action ... and the foul stench of FUD
is in the air.

Although I welcome much of what HIPAA is attempting, there's one major
point the sales and marketing pimp squads continue to ignore: Many of
the proposed "standards" haven't been ratified yet. Of the seven
sections that comprise the "Administrative Simplification" portion
(which affects IT heavily), only two standards have achieved "final
rule" status. More comical is the lack of people who have read the
drafts -- many "experts" haven't even read word one.

[...]




ISN is hosted by SecurityFocus.com
---
To unsubscribe email isn-unsubscribeat_private

Next message: InfoSec News: "[ISN] Security UPDATE, June 13, 2001"
Previous message: nemoat_private: "Re: [ISN] Pentagon Reverses Order to Destroy Old Hard Drives"
Maybe in reply to: InfoSec News: "[ISN] Navigating the HIPAA Hype"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jun 13 2001 - 23:34:26 PDT