If You Thought Y2K Was Disruptive, HIPAA and Sarbanes-Oxley May Be Worse
(Marketing Memo, August, 2003)
The Health Insurance Portability & Accountability Act of 1996 and the Sarbanes-Oxley
Act of 2002 are wreaking havoc in the business world by making companies
tighten up record keeping and corporate oversight. HIPAA enforces the
use of standards that facilitate the electronic transmission of patient
and other healthcare data. HIPAA also protects patient privacy. SOX
prohibits irregularities in corporate governance and regulates corporate
accounting practices. Companies should be familiar with the provisions
of both of these important acts.
HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 (HIPAA)
HIPAA, or the Kennedy-Kassebaum Act, amends the Internal Revenue Service Code
of 1986. HIPAA establishes standards for electronic data transactions
and protects patient privacy. HIPAA applies to physicians, healthcare
organizations, and service providers, including billing services, insurance
companies, and providers of information technology systems.
Transactions -- Electronic data concerned with patients, administration, and finances
must comply with certain standards. To simplify the transmission of
digital information, patients, providers, employers, and health insurers
must use "unique health identifiers." People who transmit this information
must adhere to security and electronic signature standards.
Privacy -- HIPAA prohibits the use of a patient's past, current, or future health
information for marketing purposes. People must secure health information
associated with particular individuals.
SARBANES-OXLEY ACT OF 2002 (SOX)
The Sarbanes-Oxley Act, or SOX, followed on the heels of the Enron and WorldCom scandals.
Oversight Board -- SOX creates an SEC-directed, full-time Oversight Board.
The Board registers, regulates, and disciplines public accounting companies
and ensures that they comply with SOX. The Board also sets standards
for audit reports and preserves the secrecy of company documents. Board
members must be financially independent from public accounting firms.
Auditor Independence -- Public auditing firms may not generally provide
investment advice or other non-audit services to the companies they
audit. The members of a firm's auditing committee must change periodically.
Auditors may not work for companies whose executives recently worked
for the auditing firm. Periodic rotation of auditing firms may be necessary.
Disclosure -- CEOs and CFOs must "certify the 'appropriateness of the financial
statements and disclosures contained in the periodic report.'" Furthermore,
officers may not try to influence the auditor's report. Companies must
also disclose off-balance-sheet transactions.
Illegal Practices -- SOX prohibits the misleading of auditors, and it requires
CEOs to return bonuses based on financial results if the company must
restate its results. Officers and directors may not trade during blackout
periods. They may be severely penalized for violating SOX.
One software executive finds HIPAA more disruptive than Y2K. Winett Associates can
help you identify other external factors that affect your operations
and your marketing strategy.