Well, someone's going to have a nice holiday present. I'm just glad this one's not addressed to me.
The deadline for complying with HIPAA's data security requirements is just around the corner -- April 2005 -- and more than
a few people have looked at the Federal Register version and thrown up their hands in frustration, incomprehension, or wonder
at where the resources to make it all happen are going to come from.
That's where the holiday present comes in. The Healthcare Security Workgroup is a joint effort of the government's National
Institute of Standards and Technology, the Workgroup for Electronic Data Interchange, and URAC -- a nonprofit accreditation
agency for the health care industry -- and it's working on guidelines for HIPAA compliance that should be out by year's end.
That's a good thing, because it's one thing to specify data protection measures, and it's another thing altogether to translate
that specification into practical action items.
I'm looking forward to seeing the group's handiwork, because it represents an attempt to codify the best practices and flag
the greatest vulnerabilities. I've suggested for years that HIPAA will represent a yardstick for IT security, in much the
fashion that the Tennessee Valley Authority (TVA) was designed to provide a way to gauge the costs of generating power.
I'll find some interesting reading in the Healthcare Security Workgroup's recommendations, but I'm glad that I don't have
to implement them. Something tells me that after the New Year there's going to be a lot of squawking about how HIPAA's looming
deadline needs to slip.
***
Another thing that makes me happy is ending my third tour of duty writing this column. I enjoy doing a weekly column, but
frankly, I'm a little burnt out on the topic after four years. I could tell I was getting stale, because I was tempted to
dust off an old column and see if anyone would notice it. But I never got to find out, because my curiosity is nowhere near
as strong as my love of a regular paycheck.
So, starting in two weeks, Security Adviser will come to you from Bob Francis, a veteran writer in the InfoWorld News department who has covered security since the last century. Give him a warm welcome, won't you?
There is good news for both of you who find me entertaining: I'll continue doing a weekly column online, but with a broader
range of topics. (Translated, that means whatever happens to be ticking me off on a given Tuesday morning. But you already
knew that ….) Readers will have to come find me at InfoWorld.com, at least until someone figures out a way to market an e-mail newsletter around my ranting.
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
