HIPAA news
HIPAA advisory
HIPAAdvisory > HIPAAnews Phoenix Health Systems
news
regs
action
tech
views
wares
alert
live
notes
latest
online HIPAA training
HIPAAstore
HIPAA help desk
search
contact us
site map

Gartner Survey Reveals Most HCOs Unlikely to Meet HIPAA Compliance Deadlines;
Says Effective One-Year Delay Is Needed

May 2, 2001--With less than 18 months remaining until the compliance deadline for the Health Insurance Portability and Accountability Act (HIPAA) transaction regulations, 75 percent of healthcare organizations (HCOs) have not completed assessments of their current environments and risks, according to a recent survey by Gartner, Inc. (NYSE: IT and ITB).

Without an effective delay, HCOs must aggressively begin compliance efforts within the next three months or miss the deadline and risk incurring high penalties and financial damage.

"Unless there is an immediate call to action by HCOs, only a few HCOs will be able to make the deadline. Compliance will be rushed in a way that necessitates hacked approaches, thus sacrificing many of the potential benefits of HIPAA," said Matt Duncan, research director and co-author of the survey. "Whether an extension is granted or enforcement of the regulation is delayed a year, we believe an effective one-year delay is necessary."

One positive result from the survey is that the past three months have brought significant advancement in the numbers of HCOs that have at least started the early awareness tasks required for HIPAA compliance. Moreover, according to Gartner, a finding that almost one-half of HIPAA compliance officers now report to either their CEO or a senior management committee offers evidence of an increasing understanding of HIPAA's strategic significance to many HCOs (as opposed to it being viewed solely as a conformance issue, such as the year 2000 crisis).

However, other key findings in the report indicate an industry unlikely to meet current deadlines:

  • Only 27 percent of HCOs have begun preliminary budgeting efforts for their compliance activities
  • Fewer than 30 percent of HCOs have begun formal HIPAA education programs for their employees.
  • Only 9 percent of HCOs have completed privacy assessments.
  • Only 11 percent of HCOs reported any activity toward obtaining vendor contractual commitments for HIPAA compliance.
  • Payers (42 percent) are almost four times as likely as providers (11 percent) to have completed transaction/code set assessments. Thus, even if payers are ready by the deadline, their provider networks may not be ready to submit standardized transactions, necessitating complex and costly workarounds.

Gartner launched its first quarterly HIPAA Panel Study in the fall of 2000, to assess how the healthcare industry is responding to existing HIPAA transaction and
pending security and privacy regulations. Gartner will continue quarterly reporting on the industry's overall progress, tracking it against Gartner's HIPAA
Compliance Progress and Readiness (COMPARE) scale.