Health industry group releases draft of security standards

We've been telling you about the new requirements for information security for all healthcare providers--that since healthcare providers are creditors, they need to have identity theft policies in place by next year. Now a group of large healthcare companies is attempting to create a set of security practices that can be standardized. There are advantages and disadvantages to this approach.

For the big healthcare companies, not having to vet every member's security policies would result in a huge savings (though for the members, it could end up being a lot more security than they feel they really need).

The standards, which were just released in draft form from the non-profit Health Information Trust Alliance LLC (HITRUST), are a collaboration from the nine large healthcare organizations that created HITRUST. They hope that the standards will be widely embraced, but only time will tell if smaller organizations will get on the bandwagon.

To learn more about the new draft standards:
- read this Wall Street Journal piece (reg. req.)

Suggested Articles

The profit margins and management of Community Health Group raise questions about oversight of managed care insurers.

Financial experts are warning practices about the pitfalls of promoting medical credit cards to their patients.

A proposed rule issued by HHS on Tuesday would expand short-term coverage, a move Seema Verma said will have "virtually no impact" on ACA premiums.