Exactly how clinical engineers and BMETs make sure their operations comply with HIPAA continues to be somewhat of a guessing game. Yet the security rule — the provision that will have the biggest impact on the medical device service industry — continues through its paces, with the final version poised for publication this spring. From there, it’s a 24-month countdown to compliance deadline. How far along are your preparations?

 The anticipation surrounding the release of a new set of rules regarding the security of information residing on medical devices is like that old ketchup commercial, the bottle poised over a juicy hamburger while the pourer focuses his attention on the sweet red sauce taking its time to ease its way out of the last few inches of the bottle’s neck and onto his lunch. Patience is a perquisite and for that perseverance, he’ll end up with a dramatically different taste experience.

So, too, is the reality facing the medical device industry, which is eagerly, perhaps anxiously, awaiting publication of final security rule under the Health Insurance Portability and Accountability Act (HIPAA). Life will be different.

The occasional blurring of the lines between those who fix medical devices and those who fix computers will come with more frequency. The rush to make sure the Y2K bug didn’t cause widespread failures — and the cost associated with that rush — will be a drop in the bucket when compared with this. Every piece of equipment one lays his or her hands on, just about every task that comes in a day’s work, will require concern for the protection of patient information, its accuracy, its ability to be identified with an individual, its accessibility and its overall security.

Coming soon to a hospital near you
Exactly how that gets accomplished, how clinical engineers and biomedical engineers make sure their operations are HIPPA-compliant, has been somewhat of a guessing game. Those monitoring implementation of three critical rules by the Department of Health and Human Services in the past year have been laying the groundwork for how this industry reacts to the new laws.

The biggest piece as far as the medical device service industry is concerned, the security rule, is poised for final publication. It was slated as a late Christmas present, due by Dec. 27, 2002. A couple of weeks later though, on Feb. 13, the White House Office of Management & Budget, Office of Information and Regulatory Affairs received it for review. The rule is expected to be published in the Federal Register anytime within 90 days from that mid-February date.

To purchase the full text of this article, click here…