HIMSS survey respondents put HIPAA at top of priority list

The looming federal patient privacy regulations and approaching compliance deadlines have become the number one IT priority among healthcare providers, according to preliminary results of a survey released Monday at the HIMSS conference.

Analysis of preliminary survey results showed that 61% of this year’s respondents felt upgrading security on IT systems to meet requirements of The Health Insurance Portability and Accountability Act of 1996 (HIPAA) to be the highest IT priority in the coming year, up from 55%. Likewise, 54% believe HIPAA to be the top priority next year as well, up from 51% last year.

Results also showed the following breakdown of IT concerns:

• Deployment of Internet technology, last year’s number one IT concern, was cited by 46% of this year’s participants, compared with 63% in 2000, a decrease of nearly 27%;
• Improvement of information systems departmental services, cost effectiveness, and efficiencies came in at 37%;
• Upgrading infrastructures was picked by 34%; and
• Replacing and upgrading inpatient clinical systems also was a priority at 34%.

Business issues facing healthcare in the next two years followed a similar pattern:

• HIPAA compliance was cited by 79% of participating providers, compared with 70% last year;
• Cost pressures registered the next highest business issue this year (53% compared with 55% last year);
• Improving operational efficiency, ranked second last year at 60%, dropped dramatically, down to 44%;
• Availability and retention of staff was an issue for 44%; and
• Reducing medical errors was a top concern of 41%.

The gravity of HIPAA is clearly evident in this year’s survey, which reflects both a knowledge of the requirements and steps taken toward compliance. Nearly one-third of respondents believe they are highly knowledgeable about HIPAA requirements, while 67% say they are somewhat knowledgeable.

The percentage of participants indicating their facility has already installed security technologies rose to 54% from 43% last year. Another 53% say their organizations have assessed organizational compliance (compared with 37% in 2000), 47% have documented security policies and procedures (39% in 2000), 34% have hired a security officer (27%), and 32% have implemented security policies and procedures (26%).

Surprisingly, 14% report that their organizations have not yet begun preparing to meet HIPAA regulations, an improvement over last year’s 24%.

Vendors’ top business issues closely follow those concerns cited by providers. Vendors responding felt HIPAA compliance to be their number one priority (81%), followed by cost pressures (57%), reducing medical errors (47%), improving operational efficiency (44%), and satisfying customers (40%).

This was the second year that online participation in the survey, sponsored by Superior Consultant and Dell Computer, was opened prior to the annual HIMSS conference. Preconference respondents (470 providers and 205 vendors) were primarily HIMSS members, representing a cross section of senior healthcare executives, IT managers, operations and financial managers, other provider organization professionals, and vendors.

The final results will be available on the HIMSS Web site in early March.