 |
 |
|
 |
|
|||
|
|||
|
|||
|
|
Companies push outsourced HIPAA solutions
By Brian Fonseca (IDG) -- At the 13th annual Health care Information and Management Systems Society (HIMSS) conference in Atlanta this week, MSPs (managed service providers) Digex and Divine joined Sun Microsystems in announcing separate solutions designed to ease HIPAA (Health Insurance Portability and Accountability Act) implementations through outsourced means. The news underscores the trend of MSPs and large IT vendors joining the rush to help health care companies comply with security and privacy standards set fourth by the U.S. government's looming HIPAA deadline of April 2003.
Sun has bundled a few of its security-related products, including Trusted Solaris, iPlanet software, Java Card smart cards, and Sun Ray thin-client solutions, with transaction-compliance applications from its partners for its HIPAA solution set, said Michael Haymaker, global health care development manager at Sun, based in Palo Alto, California. The hardware and software behemoth will rely on MSSP (managed services security provider) ComTrust to bring online identity management, authentication and authorization, PKI (public key infrastructure), and physician credential verification hosted services to Sun health care customers. At HIMSS, Divine introduced a workflow data collection tool to unify customers' full range of HIPAA internal and external initiatives. The latest addition to Divine's HIPAA services set, the new Web-based tool allows health care representatives to monitor and receive real-time status of compliance efforts, said officials of the Chicago-based MSP. Also at HIMISS, managed hoster Digex announced at HIMSS that its managed security services have been validated to meet proposed HIPAA requirements through an independent assessment by security vendor TruSecure. The validation is Digex's response to customers wary of an MSP's security expertise and compliance with HIPAA planning and implementation, officials said. First created in 1996 by Congress to ensure the protection and confidentiality of electronic health information, HIPAA has forced all facets of the health care industry to undergo a radical transformation of updating antiquated back-end legacy systems and paper-based processes with required technology changes. Although the security portion of HIPAA has yet to be formally established, the government has mandated that doctors, hospitals, and insurance companies must fall under HIPAA compliance no later than April 14, 2003. Failure to comply with HIPAA will result in severe civil and criminal penalties as well as fines as much as $250,000 and imprisonment of as many as 10 years. Government estimates have placed the massive IT overhaul associated with HIPAA regulations in the private and public sectors upwards of $22 billion dollars. Allan Carey, senior analyst at Framingham, Massachusetts-based IDC, said nontraditional security companies wading into a competitive HIPAA-hungry solution market are trying to get a jump by customizing their in-demand management solutions to meet specific HIPAA customer needs. "They're wrapping services around solutions to combine hardware and software because health care will need assistance in deploying solutions, and what they need to do [in order] to meet compliance," said Carey. But Carey noted that because most companies are awaiting the final security regulation disclosure before moving forward, it's too soon to tell how the HIPAA security market will shake out between outsourced solutions and off-the-shelf security products. Still, with HIPAA's deadline less than 15 months away, Jim Quist, CEO of ASP health care data processor, MedeFinance, said time is running out to ensure everyone is on the same security page -- a role he entrusts to his hosting provider, Digex, to take care of. "We handle a tremendous amount of patient and financial detail. Our customers are typically hospitals that can dial in and look at their specific patient detail information out of our databases. Security is absolutely more important than anything we're talking about here, even uptime," said Quist. "It's absolutely critical that a member of one hospital cannot look at [information] from another." |
|
|
||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||
|
RELATED STORIES:
• IBM, Intel push wireless health care initiatives
May 18, 2001 • Will biometrics advance as HIPAA moves ahead? May 14, 2001 RELATED IDG.net STORIES:
• HIPAA help on the way from CompuWare, OpenNetwork
(InfoWorld.com) • Health care industry braces for privacy regs (InfoWorld.com) • Vendors offer HIPAA testing and certification (Computerworld) • Health groups push HHS for quick HIPAA changes (Computerworld) • Bush to push forward on HIPAA (InfoWorld.com) • HIPAA privacy rules under fire in Washington (Computerworld) • GM starts up wireless program for physicians (Computerworld) • Wearable storage device keeps records with patients (Computerworld) RELATED SITES:
• Sun Microsystems
• Digex • divine Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
TECHNOLOGY TOP STORIES:
• Report: SUVs pose danger to cars • New telemarketer tool trumps TeleZapper • Terra Lycos logs $2.2B loss • AOL to offer song downloads • Microsoft seeks fiscal fountain of youth (More) |
||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||
| Back to the top | |
© 2003 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved. Terms under which this service is provided to you. Read our privacy guidelines. Contact us. |
