
HIPAA: Ensuring Compliance
The April 15, 2007 CIO Magazine article, entitled “The Complying Game” by Allan Homes, discussed a Global State of Information Security (GSIS) 2006 survey, conducted by CIO Magazine and PricewaterhouseCoopers. The survey queried 7,791 respondents regarding security disciplines. Questions included in the survey also focused on compliance with the Payment Card Industry (PCI) Data Security Standard, the Sarbanes-Oxley (SOX) Act of 2002 and the nearly 10-year-old Health Insurance Portability & Accountability Act (HIPAA).
A staggering 42% of surveyed US healthcare organizations reported they were not complying with HIPAA security laws and regulatory requirements. Among the six categories, the rate for HIPAA noncompliance was far higher than the rest. Another CIO article reported that only 37% of the total GSIS respondents stated they had an overall security strategy. Most stated that they are planning to focus more on tactical fixes than on strategic initiatives.
“Organizations that reported that their security policies and spending are aligned with their business processes experienced fewer financial losses and less network downtime than those that did not.”
CIO Magazine
LYNX is committed to being counted as a proactive, compliant organization responding to HIPAA security and privacy requirements. Security requirements include administrative, technical and physical safeguards.
Recent efforts at LYNX have yielded important policy decisions on security and privacy administration. The result is a comprehensive system of policies and procedures to act as a roadmap for short- and long-term adoption of security best practices.
