Skip to main content Back to Top


HIPAA Compliance Cited as Top Business Concern by IT Chiefs

Kate Traynor

A recent survey found that eight out of 10 computer executives in the nation's health care facilities believe that compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) will be their biggest business issue for the next two years.

Sixty percent of the survey respondents said that an upgrade in the security of their information technology system to meet HIPAA requirements will be their top priority.

These findings were presented in the 13th annual HIMSS Leadership Survey, which was conducted for the Healthcare Information and Management Systems Society by Superior Consultant Co. of Southfield, Mich. Four thousand information technology executives, each representing a different health care facility, were asked to participate in the Web-based survey. A total of 355 executives, most of whom worked at a hospital, completed the survey.

Virtually all of the survey respondents said they were at least "somewhat knowledgeable" about the HIPAA requirements concerning the security of patients' medical information. Over a third considered themselves "highly knowledgeable" about the regulations.

Fifty-four percent of the information technology executives indicated that their institution has already installed "security technologies" to comply with HIPAA. Nearly 60 percent have a documented security program in place, and 70 percent have assessed their organization's compliance with the HIPAA security regulations.

Another major focus for information technology professionals was patient safety. Fifty-six percent of those surveyed indicated that the use of technology to reduce medical errors and promote patient safety is a top priority. A little over half of the respondents indicated that a reduction in medical errors is among their biggest business concerns for the next two years.

About three out of four respondents considered clinical information systems to be among the most important technologies to have in place over the next two years. Fifty-five percent stressed the importance of point-of-care decision-support systems, and 31 percent indicated that decision support in general is a top priority at their facility.

This year’s survey participants seemed to be growing comfortable with issues related to the security of medical information. HIPAA-related security concerns, security breaches, system adequacy, and all other security issues that were raised in the survey did not seem as worrisome to this year’s respondents as they did to last year’s. But the method of conducting the survey changed this year, so a direct comparison with last year’s results may not be accurate.