AuntMinnie.com: What impact will the HIPAA privacy and security regulations have on PACS?
Tucker, Agfa: The impact will be far-reaching. There are number of technologies out there that will enable vendors to provide the level of security needed for HIPAA, so we expect that these will be fairly rapidly deployed. However, having been through the Y2K problem and watching people’s focus get distracted with fixing all of their legacy systems, we’re somewhat concerned that HIPAA will have the same effect. Being a relatively new technology, PACS may find itself as less of a priority.
Larson, Kodak: It could be a significant challenge for all concerned parties, especially if the industry participants all address the challenge in unique, disparate ways. On the other hand, if we are able to take advantage of the collective wisdom through groups like National Electrical Manufacturers Association (NEMA), which has a medical informatics group that is working toward common approaches to HIPAA compliance, both suppliers and customers should benefit through more efficient, cost-effective solutions.
Hullihen, Marconi: HIPAA is an enterprise requirement, so when you talk about PACS, it’s just a corner of the landscape of an enterprise’s requirement to protect the security of their medical records. With the healthcare enterprise just being driven through their own Y2K adventures, they’ve learned how to organize themselves for enterprise-wide IT issues. Quite a few enterprises view this as another or the next enterprise-wide solution to a problem.
Milan diPierro, Philips: Various sources estimate the expense of meeting HIPAA to be double or triple the cost of Y2K compliance. Due to the mobility and high turnover of residents, medical students, and others who legitimately require access to medical images, maintaining access control lists on a file or examination basis will seem administratively almost insurmountable.
For instance, when a resident rotates from gynecology service to neurology, his/her access requirements change. Further, cross-coverage of ER and ICU by other residents makes highly restrictive access to the image data base a clinical concern.
Primo, Siemens: HIPAA will probably promote the proliferation of PACS and IT in the enterprise, by providing the required legal framework for electronic image and document management. Many issue such as, but not limited to, security and confidentiality are addressed by this federal law. When purchasing PACS today, one should make sure that the system can provide the enabling IT infrastructure for the institution to achieve HIPAA compliance, or has planned upgrades to achieve this enabling infrastructure. IT is only part of HIPAA enabling; the institution will have to create all the organizational processes to comply.
Next page: How far has systems integration evolved in PACS?
Copyright © 2001 AuntMinnie.com
