The privacy and security regulations mandated by the Health Insurance Portability and
Accountability Act of 1996 (HIPAA) are of great importance to the healthcare community. In an
effort to assist Academic Medical Centers in addressing the new regulations, a series of
workshops were conducted to analyze current health information security and privacy polices, to
make recommendations, and to develop a resource of best practices for healthcare security and
privacy. This document,
Guidelines for Academic Medical Centers on Security and Privacy
the result of a collaborative effort by multiple teaching hospitals and medical schools to address
their unique concerns in this area.
How are Academic Medical Centers different from other health care providers?
The tripartite mission of Academic Medical Centers (AMCs) - education, research, and patient
care - distinguishes them from peer institutions which are concerned primarily with patient
care. In the past two decades, the ability of AMCs to sustain these multiple missions has been
severely tested by changes in health care financing and regulation. Their history, governance,
constituency base, and position in society present unique challenges to successfully navigating
change. Implementation of the HIPAA security and privacy regulations, too, will face unique
barriers. Yet AMCs also have characteristics that give them advantages over other health care
provider organizations in this area, and provide an opportunity for AMCs to lead the effort to
ensure the privacy, security, and confidentiality of patient information. The following lists
summarize these potential barriers and opportunities.
AMCs: Unique Opportunities to Lead HIPAA Compliance