AHA Selects Ernst & Young as Member Advisor on HIPAA Security Regulations.Business Editors/Health/Medical Writers WASHINGTON--(BUSINESS WIRE)--July 15, 2003 To help the nation's health care providers with the security requirements of the Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. According to the Centers for Medicare and Medicaid Services (CMS) website, Title I of HIPAA protects health insurance coverage for workers and their families when (HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, ), American Hospital Association American Hospital Association (AHA), n.pr a nonprofit national organization of individuals, institutions, and organizations engaged in direct patient care. The association works to promote the improvement of health care services. (AHA) has selected Ernst & Young LLP LLP - Lower Layer Protocol as its strategic advisor for HIPAA security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the . Additionally, AHA has exclusively endorsed Ernst & Young's HIPAA security services, including risk analysis, gap assessment and all security implementation services. AHA endorsed Ernst &Young after careful review. On February 20, the Centers for Medicare & Medicaid Services (CMS (1) See content management system and color management system. (2) (Conversational Monitor System) Software that provides interactive communications for IBM's VM operating system. ) published the final HIPAA security regulations calling for compliance in five areas: administrative safeguards, physical safeguards, technical safeguards, organizational safeguards, and security policies, procedures and documentation. Hospitals have two years - until April 20, 2005 - to comply. The AHA chose Ernst & Young as the strategic advisor and endorsed HIPAA security provider for Ernst & Young's developed framework that allows hospitals to assess, control, monitor, and mitigate exposure in information security. Over the next several months, AHA and Ernst & Young will develop joint advisories, checklists, briefings and other documents for AHA members. "Ernst & Young's ability to provide guidance in a clear and thorough manner will help our members with their decision-making processes Presented below is a list of topics on decision-making and decision-making processes: | width="" align="left" valign="top" |
| width="" align="left" valign="top" | "Ernst & Young is honored to have been selected as the strategic HIPAA advisor to the AHA and the HIPAA security provider for AHA membership," said Robert Dongoski, leader of Ernst & Young's HIPAA security advisory services advisory services advisory services provided to the public, in their capacity as owners and managers of animals, are an important part of veterinary science. They may be provided by government bureaux, by commercial companies who deal in pharmaceuticals or animals or animal . Ken Vanderwal, Ernst & Young's national director of HIPAA Services added, "Our people are eager to put our capabilities and experience as industry and HIPAA advisors to work with the AHA membership to address the HIPAA security regulations." Hospitals interested in guidance on HIPAA security compliance can begin the process working with Ernst & Young by performing a security risk analysis. Based on the results of this analysis, Ernst & Young works with hospitals to complete a gap assessment - identify missing HIPAA elements - and create a customized HIPAA security implementation roadmap so hospitals can achieve compliance by April 2005. Among the services available to hospitals are: -- HIPAA Security Risk Analysis - hospitals can identify potential security risk and its impact. -- HIPAA Gap Assessment - helps hospitals identify key gaps comparing the current security environment to what's required for compliance with the regulation. -- HIPAA Security Roadmap - based on the HIPAA Gap Assessment, the roadmap identifies specific initiatives needed and respective resources required to help hospitals achieve compliance. -- HIPAA Security Blueprint - more detailed than the HIPAA security roadmap, the blueprint is intended to be a 'guide' for HIPAA security-related activities providing detailed definition of major activities, resource requirements The components of a system that are required by software or hardware. It refers to resources that have finite limits such as memory and disk. In a PC, it may also refer to the resources required to install a new peripheral device, namely IRQs, DMA channels, I/O addresses and memory and related costs to achieve compliance. -- Implementation Solutions - implementation services for HIPAA security remediation including policies and procedures Policies and Procedures are a set of documents that describe an organization's policies for operation and the procedures necessary to fulfill the policies. They are often initiated because of some external requirement, such as environmental compliance or other governmental , vulnerability management, application security, network security, physical security, and other HIPAA required and addressable Reachable. When something is addressable, it can be identified and manipulated independently of its surroundings. For example, screen pixels and RAM memory are addressable. Each of the screen's picture elements can be individually turned on and off, and each of the memory's bytes can be areas. -- Business Continuity Services - advisory services focused on crisis management, physical security, and the development and deployment of business continuity solutions. -- Technical Access Controls - advisory services on remote access, wireless, single sign and access control solutions. In the coming weeks, AHA members will receive detailed information regarding the resources available to them through this collaboration. For specific information regarding the AHA/Ernst & Young relationship, contact Brian Lane This article is about a fictional detective. Another Brian Lane is in a band called Brand New. Brian Lane is a character in BBC TV's detective show New Tricks. He is played by Alun Armstrong. , assistant vice president of technology at 800-242-4677 or via e-mail at blane@aha.org. About AHA The American Hospital Association (AHA) is a not-for-profit association of health care provider organizations and individuals that are committed to the health improvement of their communities. The AHA is the national advocate for its members, which includes approximately 4,700 hospitals, health care systems, networks, other providers of care and 30,000 individual members. Founded in 1898, the AHA provides education for health care leaders and is a source of information on health care issues and trends. For more information, please visit the AHA Web site at www.aha.org. About AHA Financial Solutions, Inc. AHA Financial Solutions, Inc. (AHA-FSI) is the subsidiary of the American Hospital Association that collaborates with companies to create strategic financial, technology, regulatory, employee benefit, and insurance products and services for health care professionals. It functions as a resource agency to AHA-member hospitals and other health care organizations. For more information, contact AHA-FSI at (800) 242-4677 or visit the Web site at www.ahafinancialsolutions.com. About Ernst & Young LLP Ernst & Young, a global leader in professional services (job) professional services - A department of a supplier providing consultancy and programming manpower for the supplier's products. , is committed to restoring the public's trust in professional services firms and in the quality of financial reporting. Its 106,000 people in more than 140 countries around the globe pursue the highest levels of integrity, quality, and professionalism to provide clients with solutions based on financial, transactional, and risk-management knowledge in Ernst & Young's core services The introduction to this article provides insufficient context for those unfamiliar with the subject matter. Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page. of audit, tax, and corporate finance. Ernst & Young practices also provide legal services legal services n. the work performed by a lawyer for a client. in those parts of the world where permitted. Further information about Ernst & Young and its approach to a variety of business issues can be found at www.ey.com/perspectives. Ernst & Young refers to all the members of the global Ernst & Young organization. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion