Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Electronic health records don't just enable better care; they also make it a heck of a lot easier to catch employees who inappropriately view patients' protected health information.
January 26, 2015
News
Just three weeks into 2015, and there have already been some pretty big happenings in health IT. Angry docs! Unsatisfied patients! Emerging new C-suite roles! We look back at the week that was.
January 22, 2015
News
Even as Mountain View pulls back the reins on consumer-facing development, clinical applications of Google Glass are "full-steam ahead."
January 22, 2015
News
Healthcare organizations not only must heed federal data security laws; they also have state laws to keep in mind. A growing trend has states making these regulations tougher than ever.
January 19, 2015
News
Watch this special video and revisit what some hospital CIOs identified as their key challenges last year. From standardization of workflow processes to increasing compliance demands to concerns about privacy and security, CIOs had a full plate in 2014.
January 15, 2015
News
What United States Postal Service officials originally reported as a "cybersecurity intrusion" that compromised the Social Security numbers of some 800,000 USPS employees, turned out to be even bigger than they thought, involving scores of protected health records too.
January 5, 2015
News
The ABC television show "NY Med" filmed Mark Chanko's final moments without the approval of his family. Even though his face was blurred, his wife recognized him. "I saw my husband die before my eyes."
January 2, 2015
News
Just a few days remain to submit a speaking proposal for the HIMSS Media and Healthcare IT News Privacy & Security Forum in San Diego, March 5-6. The forum will bring together more than 200 leading providers, payers, researchers and government officials.
December 31, 2014
News
The potential cost of breaches for the healthcare industry could be as much as $5.6 billion annually, according to a new report from Experian, a global information services firm. The report is Experian's second annual data breach forecast across industries.
December 29, 2014
News
It was, as always, an eventful year for the health information technology industry, everywhere from hospitals to physician practices, vendor headquarters to the halls of Congress. 2014 was marked by big stories about ICD-10, privacy and security, patient safety, interoperability and more. We spotlight some of them here.
December 26, 2014
News
A California hospital is notifying some of its patients of a HIPAA breach after their protected health information was viewable on Google and other search engines.
December 23, 2014
News
A recent study led by the Regenstrief Institute raises interesting questions about patient health data: who controls it, who sees it in the electronic health record and how it should be shared across the care continuum.
December 22, 2014
News
Analytically useful anonymized data maintains referential integrity, so that relationships between data elements can be teased out of a patient’s medical information. This is needed for many forms of advanced analytics—such as evidence-based medicine, predicting resource demands, or estimating patient health-risk factors.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/white_paper_the_analytic_utility_of_anonymized_data.pdf
Protect
To extract or maximize the value contained in databases, data custodians must often provide outside organizations access to their data. In order to protect the privacy of the individuals whose data is being disclosed, a data custodian must “de-identify” information before releasing it to a third-party. De-identification ensures that data cannot be matched to the person it describes. What might seem like a simple matter of masking a person’s direct identifiers (name, address), the problem of de-identification has proven more difficult and is an active area of scientific research.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/de-identification_101_final.pdf
Protect
Healthcare organizations are burdened with a deluge of data and it’s only getting worse over time. Whether it’s provider-generated observational data coming through EHRs, medical imaging and telemetry data, or patient-generated consumer device and genetic data, the traditional methods for managing health information do not scale. Given the enormous and ever-increasing value of healthcare data, new approaches to enterprise ILM are essential. And, with scarce resources limiting your ability to “do it yourself” you’ll need the right partners that understand and implement these new approaches.
October 21, 2013
Resource
sites/default/files/resource-media/pdf/strategies_for_healthcare_information_lifecycle_management.pdf
Protect
Healthcare workers are not immune to the BYOD trend. More & more healthcare facilities are allowing their clinicians the use of smart phones, tablets & other mobile devices to access applications and enable them to deliver care wherever & whenever needed. The use of these mobile devices also presents a huge risk to patient information. Read on to learn how Intel© Anti-theft technology can help keep your patient information safe.
July 2, 2013
Resource
sites/default/files/resource-media/pdf/securing-mobile-devices-in-healthcare-solution-brief1.pdf
Protect
In January 2012, Healthcare IT News conducted a survey to identify drivers and challenges for developing and deploying a solution for centralized digital document delivery that complies with healthcare industry regulations. Read this report to learn the key findings from the survey investigating trends in the adoption of digital document management systems by healthcare institutions since the rollout of the <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a> Act’s financial incentive programs.
September 2, 2012
Resource
sites/default/files/resource-media/pdf/opentext_white_paper_final.pdf
Protect
This whitepaper looks at the five ways doctors and their hospitals can benefit from the ability to achieve instant communications routed per physicians’ preferences. With the improved ability for doctors to coordinate care through well-routed communication requests, patient care gets a boost, staff satisfaction goes up, and the healthcare system can achieve overall greater efficiency.
June 1, 2012
Resource
sites/default/files/resource-media/pdf/amcom_5-ways-doctors-instant-communications.pdf
Protect
Children’s Hospital Los Angeles has now enabled a secure access platform for referring practices and clinicians to bring their patients to the best healthcare solution provider from any device. Find out how by registering for this complimentary webinar.
January 29, 2015
Resource
Do Not Protect
http://www.himssmediawebinars.com/registration/webinar/clinical-portal-enables-physician-community-access-patient-information-and-driv?affiliatedata=HITNwebsite
In 2015, Big Data will only grow in importance, and in complexity. How can you better manage data and lock down sensitive information? Find out in this webinar.
January 19, 2015
Resource
Do Not Protect
http://www.himssmediawebinars.com/registration/webinar/big-data-big-management?affiliatedata=HITNwebsite
Learn how an effective cloud-computing risk-management program reduces overall risk, prioritizes resource utilization and provides healthcare organizations with a long-term strategy. Download now for a manageable process and checklist that can be used by enterprise security, compliance and IT as a framework for crafting a successful cloud computing security plan.
December 5, 2014
Resource
Protect
In this webinar, you will learn how to minimize security risk and regulatory exposure for your organization while successfully deploying Patient Portals and other web-based healthcare applications.
December 1, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/securing-patient-portals-what-you-need-know-comply-hipaa-and-meaningful-use-0?affiliatedata=HITNwebsite
Karen Finley and Dave Len will explain how Duke University Health System has continued to refine its use of access management to improve clinical efficiency and security in light of evolving business needs.
November 26, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/how-duke-university-health-system-adapted-its-single-sign-and-context-managemen?affiliatedata=HITNwebsite
At this session, you’ll see first-hand how you can use technology to enable better care team coordination and communication, how you can share information, including patient data, securely, and how you can easily use the data that you have to help make more informed and faster decisions.
November 18, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/technology-immersion-enabling-better-care-team-collaboration-and-communication?affiliatedata=hitnwebsite
Joseph Kvedar, MD, is often asked, "If you could snap your fingers and do some things to accelerate the adoption of connected health, what would they be?" He offers a list of five accelerants.
January 29, 2015
Blog
Your average healthcare IT organization tends to be ruled by two primary concerns: HIPAA compliance and preventing breaches. Both are smart priorities, but many teams assume that achieving the first will prevent the second – and that can be a disastrous mistake.
January 27, 2015
Blog
In reading an account of the recent attack on Community Health Systems, I was struck by the notion put across in the article that all we have to do is work harder to patch vulnerabilities, that with a better defense we can win the game against a skilled quarterback.
August 25, 2014
Blog
The consumerization of IT and the bring-your-own-device movement in the workplace has proven to be extremely beneficial for the healthcare industry, allowing providers to access patient data, billing information, clinical trial data and employee information on the go. However, this comes with a price.
August 12, 2014
Blog
Technology poses a constant dilemma. On one hand, it makes our lives easier and, in many cases, more efficient. However, it also leaves those who don’t understand or respect data security vulnerable to thieves, and the healthcare industry is a place where this reality rings especially true.
July 31, 2014
Blog
When it comes to leveraging the cloud for healthcare IT, I see two prevailing dynamics over and over. The first is that most organizations understand the benefits of the cloud very well. But when it comes to enjoying those benefits by partnering with the right provider, these same organizations are frequently lost.
June 24, 2014
Blog
The beauty of our technological world lies in the simple fact that as a technology is used by more people, it inevitably improves. Enterprise content management is no different.
May 29, 2014
Blog
HHS has released a new security risk assessment tool to help providers, and perhaps business partners, uncover potential weaknesses in their security policies, processes and systems.
May 19, 2014
Blog
What the healthcare industry needs to know about preventing security risk.
May 7, 2014
Blog
As I survey the landscape in 2014, I see much more sophisticated attacks at the same time there is much more severe regulatory enforcement. Where would I put my security dollars this year?
April 30, 2014
Blog
As technology continues to evolve, it can be difficult to resist getting caught by the "gee whiz" factor as we project what the future of healthcare could look like. But a new study may reveal the kind of challenges that lie ahead.
April 29, 2014
Blog
The Heartbleed web security exploit was first publicized several weeks ago. Fred Trotter notes in the MIT Technology Review that other similarly worrisome exploits do not get our attention in the same way, and that more health data leaks are likely in our future.
April 29, 2014
Blog
The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body, in partnership with the Workgroup for Electronic Data Interchange (WEDI), today announced the formation of the new Practice Management System Accreditation Program (PMSAP).
July 15, 2014
Press Release
Numera, providing customizable solutions for companies interested in improving their offerings for healthy aging, chronic condition management, and post-acute careannounced its collaboration with ResMed on its patient engagement platform called SleepSeeker, a free online tool to improve patient compliance with therapy for sleep-disordered breathing.
June 18, 2013
Press Release
Cognosante, a provider of IT services for healthcare organizations, announced it was awarded a contract from Orion Health to provide integration and identity management for the first phase of the Massachusetts Statewide Health Information Exchange (HIE) program.
October 2, 2012
Press Release
Aetna and Hunterdon HealthCare Partners have announced a new accountable care agreement that will improve the quality and cost of patient care, helping members and plan sponsors save money.
July 19, 2012
Press Release
Vormetric, Inc., the leader in enterprise systems encryption and key management, today announced the results from an independent research report conducted by the Ponemon Institute on how organizations manage data security risks in cloud computing environments. The survey of 1,000 IT security practitioners and enterprise compliance officers revealed that less than half of all respondents believe their organizations have adequate technologies to secure their cloud infrastructures. Meanwhile, the two groups sharply disagreed on whether the cloud is as secure as on-premise datacenters, who is responsible for cloud data security, and what security measures should be used.
November 1, 2011
Press Release
Harris Corporation, an international communications and information technology company, in partnership with the Florida Agency for Health Care Administration (AHCA), has launched a secure email service that enables health care providers to exchange health information electronically with other providers.
August 31, 2011
Press Release
When a baby requires care in the Neonatal Intensive Care Unit (NICU), it is a stressful time for the entire family. St. Jude Medical Center, part of the St. Joseph Health System, has made it a little easier. For parents with babies in the St. Jude NICU, no matter where they are, no matter if it is 2 a.m. or 2 p.m.-their infant is now as close as a computer or mobile device.
July 7, 2011
Press Release
Seven community health centers and federally qualified health centers in central Indiana are now part of the Indiana Health Information Exchange's (IHIE) quality initiative, called the Quality Health First Program. Open Door Health Services, based in Muncie, is the latest participant the program.
June 21, 2011
Press Release
To help health care organizations and their business partners address evolving federal requirements for health data security and privacy, Verizon is enhancing two of its security programs.
June 2, 2011
Press Release
Health Level Seven® International (HL7), the global authority for interoperability and standards in healthcare information technology with members in 55 countries, today announced the appointment of Doug Fridsma, MD, PhD, director of the Office of Interoperability and Standards, Office of the National Coordinator for Health Information Technology (ONC), to the HL7 Board of Directors.
May 31, 2011
Press Release
CareTech Solutions, an information technology and Web products and services provider for more than 180 U.S. hospitals and health systems, announced today that St. Luke's Hospital & Health Network (SLHHN) in Bethlehem, PA. selected the company to provide remote 24/7/365 IT infrastructure monitoring from CareTech's Healthcare Infrastructure Operations Center (HIOC), a technology hub for the storing and monitoring of data, systems and applications located in Troy, Mich.
May 31, 2011
Press Release
The Health Information Trust Alliance (HITRUST) announced today a new component of the CSF Assurance program targeted at healthcare organizations with annual revenue less than $25 million. The new security assessment approach addresses the wide-scale inaccuracies found in assessments conducted by smaller organizations and extends the reach and value of the CSF Assurance program, the most widely used approach for documenting risk assessment information in the healthcare industry. The HITRUST CSF Assessment for Small Organizations is a practical and effective solution for organizations wanting to perform accurate assessments of their information security environment and address the requirements of meaningful use.
May 26, 2011
Press Release