India's No. 1 Newspaper for the Healthcare Business          
  About Us | Feedback | Contribution | Subscribe | Advertise | Archives Issue 16 - 31 Aug 2001
  Different Strokes


Home > Medtech > Full Story

E- health and HIPAA :Implications for healthcare vendors in India

Many of the Indian vendors typically approach HIPAA as a technology issue, when it is in reality an enterprise wide issue. The software houses are hardly conversant with other standards in the healthcare space such as HL7, DICOM or a host of other industry related jargon, which is a huge disadvantage

Dr Saji Salam

With the introduction of the Health Insurance Portability and Accountability Act (HIPAA) the healthcare delivery system in the United States is facing the prospect of significant transformation. HIPAA, also known as Kennedy Kassebaum Bill, enacted in 1996 is primarily intended to provide continuity of health insurance and enable administrative simplification in the healthcare industry. By establishing these standards, HIPAA aims to standardize the electronic transmission of certain administrative and financial transactions and to protect the confidentiality of patient information. By making electronic data interchange more efficient and cost effective than paper processing, it is expected that the healthcare industry will derive immense benefits.

Complying with HIPAA regulations is a critical business initiative for healthcare providers, payers, clearinghouses and other stakeholders in the healthcare space that handle protected health information. Estimates project HIPAA as a business opportunity worth $ 20 to 40 billion.

HIPAA an enterprise view

HIPAA affects various aspects of the current business practices followed by covered entities. Healthcare organizations will have to examine the regulations from legal, security, human resources, business process and technological perspectives and arrive at the optimum solution keeping the corporate goals in view. From an Information Technology perspective, HIPAA requires compliance in the following areas. Covered entities that engage in electronic healthcare transactions should use Standardized Transactions and Code sets. Unique identifiers that are individually assigned to providers, payers and employers will eventually be published. Organizations covered by HIPAA security standards must protect the healthcare information they maintain or transmit from improper access, alteration or loss. These organizations must not wrongfully disclose individually identifiable patient health information. Payers, providers, employers and clearinghouses are affected, though the nature may vary based on the healthcare transactions they support.

Towards e-health

For the healthcare industry one of the major benefits of complying with the regulations is the move towards E-health. Traditionally the healthcare industry has been lagging behind in terms of adoption of new technology. The typical healthcare setting is still heavily dependent on legacy systems and best of breed applications. The standards are therefore considered to be a major catalyst in propelling the healthcare industry towards the much-needed standardization. Standardization of transactions and code sets will be the first step towards a nationally accepted IT backbone, which will make way for E health becoming a reality. There are indications that the industry will save over $ 20 billion in the coming years as a result of these changes.

HIPAA: The business opportunity

The HIPAA market size is estimated to be worth $ 20 to 40 billion. This has resulted in the mushrooming of HIPAA shops, which reminds one of the mushrooming of medical transcription units and the resultant shortcomings in quality of delivery, which added to the lack of credibility for Indian goods and services in the US market. Incidentally HIPAA will have an adverse impact on the profitability of medical transcription industry in India as well.

Did Indian vendors miss the bus?

The fact remains that only very few software vendors have been able to execute HIPAA projects. Close to 42 per cent of the payer market has completed the assessment and are in various phases of remediation. Ironically many of the big players have not been able to make a dent in the market. My interaction with many of the prospects and clients in this space points to some of the reasons for this.

Lack of domain knowledge

First and foremost among these is the lack of domain knowledge in terms of the business processes in the healthcare industry. Many of the Indian vendors typically approach HIPAA as a technology issue, when it is in reality an enterprise wide issue. The other issue is that these software houses are hardly conversant with other standards in the healthcare space such as HL7, DICOM or a host of other industry related jargon, which is a huge disadvantage. The successful vendors are the ones, which have been able to demonstrate industry knowledge in the healthcare domain.


Since the Y2K days the industry has evolved dramatically and has come up with smart tools that have resulted in less number of programmers required for executing a project.

The process of automating

Automation will continue and is not good news at all for the IT industry, which is still focused on providing low end programming services at low cost. Many software houses still qualify only as large body shoppers making profits on the salary differentials across the oceans.


Credibility is at its all time low as many vendors who have hardly gone heard the word HIPAA have started to market themselves as HIPAA service providers. However the customers have become smarter and vendor evaluation guidelines have become more stringent with many of these vendors not even getting a chance to present their story.


Though HIPAA is a huge business opportunity, most of the Indian software vendors have been pretty unsuccessful in tapping into the market. Some of the factors that contribute to this are lack of domain knowledge, the increasing use of tools to automate programming, and a lack of credibility due to mushrooming of HIPAA shops. The inability of Indian software industry to capitalize on HIPAA is a pointer to the slackness that has affected the industry, which was riding a wave of easy money. Unless corrective measures, primarily aimed at long-term strategies to stay competitive are not taken the IT industry may not turn out to the dawn of a rosy future that it is painted by the industry and media.

(The author is head, HIPAA Solutions Group, Silverline Technologies. He can be contacted at

<< Previous Story
About Us | Feedback | Contribution | Subscribe | Advertise | Archives
Editorial | Hospinews |Insignia | Medtech |International | Almanac |Lab-Beat | Prescription | Products |Legalities | Different Strokes | Hyderabad |Opinion

Copyright 2000: Indian Express Group (Mumbai, India). All rights reserved throughout the world.
This entire site is compiled in Mumbai by The Business Publications Division of the Indian Express Group of
Newspapers. Please Email our Webmaster for any queries / broken links on this site