HIPAA Security Launch Kit
May 18, 2004
Dear Health Care Executive:
At the American Hospital Association (AHA), we frequently hear from hospital executives about their concerns with the security requirements of the Health Insurance Portability and Accountability Act (HIPAA). By April 2005, hospitals must achieve compliance in five areas: administrative safeguards, physical safeguards, technical safeguards, organizational safeguards, security policies, and procedures and documentation.
To help our member hospitals address these concerns, the AHA conducted comprehensive market assessments to find organizations capable of meeting the diverse needs of our members. The nature of the security rule required partners with an in depth understanding of health care, the specifics of the security rule, and how the two will intersect.
In May 2003, the American Hospital Association selected Ernst & Young LLP (Ernst & Young), a nationally recognized organization, as its strategic advisor for HIPAA security services. Additionally, the AHA exclusively endorsed Ernst &Young’s HIPAA Security Services, including risk analysis, gap assessment and all security implementation services.
Ernst & Young’s ability to provide guidance in a clear and thorough manner will help our members with their decisionmaking processes, sequencing of activities, and provide them with accurate investment breakdowns - all of which are necessary to address the HIPAA Security requirements.
To round out the security tools available for AHA members, the AHA has exclusively endorsed selected security solutions from Computer Associates International, Inc. (Computer Associates) - specifically its eTrust™ and BrightStor® lines. The AHA has selected Computer Associates because of its dedication to healthcare along with an experience base capable of helping hospitals understand the rule and implement appropriate solutions to address its requirements.
Computer Associates has software to meet a wide range of security needs - from single sign on to monitoring access controls and intrusion detection to managing complex and diverse storage environments.
To find out more about Ernst & Young’s HIPAA Security Program or Computer Associates’ HIPAA Security Software Program, please feel free to contact Nancy L. Scott by phone at 1-800-242-4677, ext. 2534, or by email at firstname.lastname@example.org. Information is also available at www.ahafinancialsolutions.com.
Melinda Reid Hatton
Vice President and Chief Washington Counsel
American Hospital Association
Brian G. Lane
Assistant Vice President, Technology
AHA Financial Solutions, Inc
HIPAA Security Product Matrix