If health care providers are in compliance with Joint Commission standards, won that cover HIPAA compliance?
Probably not.. While current Joint Commission standards address information security, they aren’t as specific as HIPAA. For example, relevant JCAHO standards read: I.M.2.2: Systems are designed to allow timely and easy use of data without compromising security and confidentiality. I.M.2.3: Information is protected against loss, destruction, tampering, and unauthorized use. RI 1.3: Hospital demonstrates respect for patient privacy and confidentiality. Also note that accredited hospitals are required to comply with state and federal laws and regulations. The Joint Commission has indicated it is comparing its current standards and survey processes to HIPAA requirements. It is likely that accredited organizations can expect to see a more intense focus on information security in the survey process, although the Joint Commission is not the enforcement authority for HIPAA.
Probably not.. While current Joint Commission standards address information security, they aren’t as specific as HIPAA. For example, relevant JCAHO standards read: I.M.2.2: Systems are designed to allow timely and easy use of data without compromising security and confidentiality. I.M.2.3: Information is protected against loss, destruction, tampering, and unauthorized use. RI 1.3: Hospital demonstrates respect for patient privacy and confidentiality. Also note that accredited hospitals are required to comply with state and federal laws and regulations. The Joint Commission has indicated it is comparing its current standards and survey processes to HIPAA requirements. It is likely that accredited organizations can expect to see a more intense focus on information security in the survey process, although the Joint Commission is not the enforcement authority for HIPAA.
