Automation for Privacy and security compliance.

摘要

THERE HAS BEEN a lack of enforcement of the privacy and security rules ever since HIPAA's inception. As such the adoption of comprehensive H1PAA compliance programs has lagged behind EHR development and implementation.This in turn has caused little funding to be budgeted by providers, large and small, to formally detect, monitor, document, and report on the details of privacy and security incidents and investigations. Processes controlling these tasks have, typically, been manual and relegated to spreadsheets and shared-drive libraries.The picture is becoming strikingly different now that ARRA-HITECH has placed enforcement center stage, mandating comprehensive auditing and establishing substantial penalties for noncompliance with HIPAA regulations. The most noticeable difference between the current state and past years is the introduction and expansion of automated compliance programs involving third parties and computer-based applications.