In a recent interview with FierceHealthIT, Mac McMillan of the HIMSS Privacy & Security Policy Task Force spoke about the future of HIPAA, including the HIPAA compliance audit coming this fall, which he said will proceed in two separate steps.
One of the questions posed to McMillan concerned the future of HIPAA in the wake of recent state-specific policies. On the one hand, he says, HIPAA may not be enough to completely cover all security risks throughout the entire country. Large states like Texas and California are contributing to an increasingly complicated discussion regarding possible conflicts in these regulations.
However, McMillan also argues that HIPAA is still important and will have to co-exist with other regulations. States can learn from each other, and policies adopted in places like Florida, which took effect earlier this summer and was said to "change the playing field" in a separate article written by McMillan earlier this month.
"If you're looking at a healthcare entity that does work in a single state, it's challenging, but it's manageable to have a federal regulation and a state regulation," he said. "But if you're looking at a healthcare entity or business associate that does business in multiple states, think of all the different laws they have to manage."
The answer to this, according to McMillan, will simply depend on more action in legislation. But in the meantime, practices have the choice to reach out to healthcare consulting services to improve their chances of passing the audit and making it through the different conflicting sets of regulations. This holds especially true for large providers who have to service a geographically diverse area.