Privacy Push – Department of Health and Human Services Stepping Up Compliance Requirements. With Deadlines Looming, Expert Rebecca Herold Sheds Light on Issues at Hand.

Healthcare organizations, and all companies doing any level of business with healthcare organizations, will soon be held to stricter information security and privacy requirements, as electronic health records become the mandated industry standard. Many small- and medium-sized organizations are now facing a challenge – how to be compliant with new laws when they don’t have the staff, budget or systems in place to make that happen.

Des Moines, IA, July 30, 2010 -- Many outside businesses doing work for healthcare companies may not be aware of their obligations to comply with HIPAA, HITECH and the Red Flags Rule. This includes organizations that provide billing support, help desk services, insurance claims processing, medical transcripts, etc.

“The Federal government announced changes to HIPAA earlier this month that won’t take place right away, but they’re certainly on the horizon and organizations will be required to have systems in place to address them. Those types of programs take time to establish – companies must have a resource that understands the laws, takes action to address them, and ensures patient trust throughout,” says Rebecca Herold, an authority in the field of information security and privacy. “They also emphasized that there are current HIPAA and HITECH requirements that are already in effect.”

Herold developed content for the recently released Compliance Helper, a new internet-based service that provides companies with all the tools they need to quickly, easily and affordably tackle the new HIPAA, HITECH and Red Flags Rule requirements. The program includes customizable policies and procedures, forms, step-by-step direction to perform a gap analysis, and direct access to an expert for personal assistance. For the smallest of businesses, there’s even a co-op version that capitalizes on large-scale efficiencies for a modest investment of $125, then $35 per month thereafter to maintain compliance.

“Effective patient data management is a vast and challenging matter. There are many requirements, but there is absolutely no room for error when it comes to safeguarding patient information,” says Herold. “We’ve seen stories about swift and severe consequences – including large fines and public relations nightmares – for making simple, easily avoidable mistakes resulting in information security and privacy breaches. Companies lose business, employees lose jobs and everyone associated loses credibility. Especially in this economy, no one can afford that. Plus, healthcare organizations risk losing government funding if they aren’t in compliance.”

Rebecca Herold & Associates, LLC - The Privacy Professor
Rebecca Herold