Should Feds Remove Small Practices from Red Flags Compliance?
However, Berry says recent FTC research identified the severe problem of organizations not ensuring that their business associates (BAs)/service providers have adequate identity-theft safeguards in place within their software systems and networks for peer-to-peer (P2P) file sharing.
Berry cited "improper release or theft of an individual's personal financial information" as the core reason behind the Red Flags Rule.
"Continual delaying the enforcement of the Red Flags regulations jeopardizes tens of thousands of individuals' personal financial information," Berry says. "This confidential personal financial information is potentially being transmitted across non-secured networks between a business and their business associates/service providers, which also may have weak internal controls programmed into its P2P software."
The responsibility to comply, Berry says, should be on the BAs/service providers to add identity theft prevention safeguards to their software program and to add more security features to their networks.
Agreements with BAs and service providers should include requirements for the BAs, Berry says, "to take adequate safeguards to ensure that the businesses' customer's personal financial information is secured along with the customer's personal health information as required by HIPAA."
Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
- Antibiotic Overuse a 'Huge Threat' to Patient Safety, Says CDC
- 3 Traits Personality Assessments Can't Reveal
- Consumerism Drives Healthcare Branding, Rebranding Efforts
- CHS Hacked, 4.5M Patient Records Compromised
- PA Ranks See 'Phenomenal Growth,' Lack of Diversity
- Business Roundup: M&A Activity Down Slightly in First Half of 2014
- CFO Exchange: Healthcare Leaders Share 5 Innovative Ideas
- CFO Exchange: Smartphones Poised to Disrupt Healthcare, Says Topol
- Large Employers Trimming Healthcare Spending
- 3 Things the Ice Bucket Challenge Can Teach Hospital Marketers