The AHA recently sent CEOs of all member hospitals a packet it called a "HIPAA security launch kit." By April 2005, hospitals must meet HIPAA requirements in five areas: administrative safeguards, physical safeguards, technical safeguards, organizational safeguards, security policies, and procedures and documentation. Though the HIPAA legislation passed in 1996, HIPAA compliance hovers just under 60%. The AHA kit recommends advice from Ernst & Young LLP and software from Computer Associates International Inc. Last year, AHA selected both firms for helping hospitals to achieve HIPAA compliance.
For a description of the kits sent to CEOs, click here.