Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
'Sneak peek' of MU2 expected today at HIMSS12
February 22, 2012 | Jeff Rowe
Expectations have been rising since HIMSS12 opened, but the wait should come to an end today as ONC officials unveil the proposed rule for meaningful use Stage 2 - what some are calling a "sneak peek."
More
5 steps to take after experiencing a data breach
February 20, 2012 | Michelle McNickle
It's essential to take the steps necessary to prepare against a data breach, but after one does occur, knowing how to respond can make all the difference. Mahmood Sher-Jan, vice president of product management at ID Experts, offers five steps to take once a breach has happened.
More
New data shows hospital readiness for Stage 1 MU increasing
February 17, 2012 | Bernie Monegain
A comparison of HIMSS Analytics data from September 2011 to December 2011 suggests that a number of hospital segments showed increased capability to achieve Stage 1 meaningful use.
More
ICA launches forum for vendors to test interoperability
February 17, 2012 | Mike Miliard
Informatics Corporation of America (ICA), a developer of interoperability technology for health information exchange, has launched ICAetc, which is billed as a free and open forum for vendors to test the interoperability of their programs, ensuring the connection and communication of disparate systems.
More
ONC in line for budget boost
February 17, 2012 | Mary Mosquera
The Office of the National Coordinator for Health IT would receive $66 million, or $5 million more than the current year, under President Barack Obama's proposed budget for fiscal 2013.
More
5 tips for preparing for a potential privacy incident or data breach
February 16, 2012 | Michelle McNickle
Last year, health data breaches were up 97 percent, with all 50 states experiencing some sort of breach, and 385 incidents affecting more than 19 million people. Experts agree: If ever there were a time to protect and prepare against breaches, that time is now.
More
NIST to test EHR usability
February 16, 2012 | Mary Mosquera
The National Institute of Standards and Technology is calling on vendors to supply their existing electronic health records so the agency can conduct research on the systems to develop procedures for measuring and evaluating their usability.
More
NPWF: strong support for health IT, but also concerns
February 16, 2012 | Mike Miliard
As patients see their physicians use EHRs more, their trust in their doctors is is high, and so is their confidence in health IT's potential to improve care, according to a new survey from the National Partnership for Women & Families. Still, consumers have persistent worries about data breaches.
More
Premier, Clinical Architecture to help put data to better use
February 15, 2012 | Mike Miliard
Premier healthcare alliance has partnered with Carmel, Ind.-based Clinical Architecture in an effort to normalize disparate healthcare data and help care providers better understand and use health information.
More
5 patient-centered social media risks
February 14, 2012 | Michelle McNickle
These days, it's common get news via Twitter and connect with others via Facebook. But as the use of social media reaches new heights, so do the risks associated with it. This is especially true when it comes to patients. Chris Apgar and Christine Arevalo outline five patient-centered social media risks.
More
NaviNet to be acquired by Lumeris, Blues
February 14, 2012 | Chris Anderson
NaviNet, the real-time communication network for physicians, hospitals and payers, will be acquired by a group comprising three Blue health plans and health IT firm Lumeris.
More
ONC mobile app contest seeks help for disabilities
February 14, 2012 | Bernie Monegain
The Office of the National Coordinator has announced a new innovation challenge -- this one aimed at improving access to medical records for people with disabilities.
More
Case Study: Sentara Healthcare Completes an Award-Winning EHR with Enterprise Content Management
April 29, 2011 | On Demand Webinars
Providers today recognize that even the most powerful EMRs can't handle the content that exists outside of the patient record. Unstructured, ancillary documents and content related to patient care – paper, forms, faxes, graphics, photos and other clinical images – is often disconnected from electronic records. For Sentara Healthcare, access to accurate, timely and complete patient information is instrumental to increasing quality and service of care, and enterprise content management (ECM) is a vital part of that enterprise EHR strategy.
More
Old data learns new tricks: Managing patient security and privacy on a new data sharing playground
January 5, 2012 | White Papers
Data is quickly becoming one of the health industry’s most treasured commodities. Yet, health organizations are acutely aware that sensitive data can be easily compromised. As a converging industry moves quickly to leverage new electronic data, PwC found that the challenges are complex, but manageable.
More
Branch on Demand for Healthcare: Extending and Securing Access Across Caregiving Locations
January 5, 2012 | White Papers
Healthcare professionals need to focus on quality of patient care and on securing the patient data, even in the most remote locations. Network services provided to remote facilities, clinics, and offices depend less on the size of the location and more on the functions being performed at that location. Learn more about Branch on Demand, a cloud-enabled networking solution for remote locations that simplifies provisioning, management, security, and troubleshooting for these deployments.
More
Wi-Fi Provides Rx for Healthcare Challenges
January 5, 2012 | White Papers
The healthcare environment naturally lends itself to wireless networking, given the inherently mobile nature of physicians, nurses, orderlies, and others who move from beds to examining rooms, ministering to patients. This paper looks at how healthcare providers are using wireless LANs creatively to improve patient care and to realize much-needed cost efficiencies. It also discusses the primary challenges health organizations face in their deployments and offers up solutions for successfully addressing them.
More
Better Patient Care: Virtually There
January 5, 2012 | White Papers
This IDC Health Insights white paper identifies the key benefits from desktop virtualization in the clinical environment and presents case studies from three hospitals with detailed interviews, adopting desktop virtualization in the clinical environment. Read the report to find out how desktop virtualization has helped these organizations improve efficiency in the IT department, drive adoption of EMR applications, and support clinician mobility with wireless access, various client hardware options, and single sign-on.
More
The State of EHR Adoption: On The Road to Improving Patient Safety
January 5, 2012 | White Papers
Despite being identified as an essential tool to support quality care initiatives, improve patient safety and reduce healthcare costs, EMR and EHR systems have been stuck in a slow growth cycle. However, pressure is quickly mounting on caregivers to adopt and demonstrate meaningful use of EMR/EHR technology. Healthcare Informatics Research recently interviewed nearly 500 healthcare organizations to shed light on the current state of EMR/EHR adoption. Download this report to discover how organizations are overcoming obstacles to adoption, how they're benefitting from EMR/EHR solutions, and where the industry is going next.
More
Cloud Security Myths and Strategies Uncovered
January 5, 2012 | White Papers
Security and compliance is the most often-cited barrier to cloud adoption. Forward-thinking CSOs are already embracing the right security strategy and exercising appropriate caution without dampening cloud optimism. Read what one CTO has to say about ensuring control and visibility in a secure cloud. This paper leverages insights from CSO/IDG research “What’s Top of Mind for CSOs” and includes a checklist of how to build a trusted cloud.
More
Enabling Fast and Secure Clinician Workflow with One-Touch Desktop Roaming
January 5, 2012 | White Papers
The move from paper-based medical records systems to electronic medical records (EMR) technology is improving patient outcomes, increasing clinician productivity, and lowering costs. However, access to patient information must not only be secure, but also fast, convenient and reliable. Technologies that provide security but frustrate clinicians will slow EMR adoption to a crawl. In this white paper, you’ll learn how you can solve this “last mile” problem and maximize user adoption by providing fast, convenient, secure access to EMR data across multiple clients, where and when the clinician requests it.
More
3 Steps to Faster EMR Adoption with Desktop Virtualization & SSO
January 5, 2012 | White Papers
The Meaningful Use objectives in the HITECH Act are creating new urgency for hospitals and other healthcare provider organizations to implement EHR and CPOE systems. This white paper outlines three key steps that your organization can take to accelerate EHR and CPOE adoption. Read on to discover out how the combination of desktop virtualization and single sign-on make it faster and easier to deploy new clinical applications while optimizing the clinician experience, protecting patient data, and reducing cost and complexity.
More
Children's Hospital Los Angeles: Deploying SSO Support Caregiver Workflow
November 28, 2011 | On Demand Webinars
Case study featuring Children's Hospital Los Angeles' implementation of single sign-on (SSO) to support caregiver workflow across multiple applications, including Cerner and PeopleSoft.
More
An IDC Health Insights and Intel Webcast: mHealth and The Second Wave of Clinical Mobility
November 23, 2011 | On Demand Webinars
Driven by a history of innovation, Intel is focusing its game-changing technologies on transforming healthcare to enable connected, coordinated, cost-effective care based on each person's health goals and history, enhancing prevention, focusing treatment, and improving outcomes.
More
Transformational Strategies for Supporting EMR Adoption: IDC and Lahey Clinic Speak Out
November 22, 2011 | On Demand Webinars
EMR conversion is inevitable. The impacts to your workflow and efficiencies in care delivery remain serious obstacles to successful EMR adoption. Effective strategies during EMR implementation can lessen the blow and drive adoption during periods of transition. Participants will learn about: •Lahey Clinic's experience with successful EMR adoption •IDC's prescription for getting near term value today, while creating a sustainable approach for the long term •How to close the gap between traditional records and the EMR
More
Employee Makes Fun of Patient on Facebook
January 5, 2012 | Christina Thielst
When will our employees learn not to identify patients on Facebook or any other social media site?
More
HIPAA 5010: Are You Ready for the New Transaction Standard?
December 13, 2011 | Debbi Meisner
Can you hear that clock ticking down to Jan. 1, 2012? If you are among the few in healthcare who are really on the ball, becoming compliant with new ASC-X12 5010 transaction standards ahead of the deadline, then congratulations!
More
HIMSS Leaders & Innovators excites C-suite execs 
November 22, 2011 | Mike Miliard
This past week I had the pleasure of traveling, along with MedTech Media Editorial Director Rich Pizzi, to Amelia Island, Fla. for the inaugural HIMSS Leaders & Innovators conference.
More
On HIPAA and Social Media in Healthcare
November 17, 2011 | David Harlow
I was interviewed for an article on AIS Health that came out last week. The title of this article -- on health care social media and regulatory and legal issues that health care providers may face in using these tools -- struck me as being tinged with hysteria.
More
Cloud technology in a healthcare setting
November 15, 2011 | Geoff Webb
The healthcare industry is under constant pressure to streamline the sharing and availability of information, while at the same time maintaining ever-more rigorous controls over patient privacy, and of course, reducing costs at the same time. Therefore cloud computing offers some significant opportunities, perhaps even more significant than in many other industries.
More
OCR HIPAA Audits Finally Kick Off
November 9, 2011 | David Harlow
The HITECH Act called for stepped-up HIPAA privacy and security and breach notification rule enforcement with respect to covered entities and business associates, to be accomplished by spot-check audits.
More
A Business Case for Single Sign On
October 10, 2011 | Kathleen Gaffney
This weekend, I was busy using online applications. While I love doing things online, I do not love signing on to the various websites. This led me to think about my healthcare clients, the clinicians and physicians who need to sign into multiple systems several times a day to do their jobs.
More
AHIMA11: Twitter recap
October 7, 2011 | Kelly Mehler
The 83rd Annual AHIMA Convention & Exhibit took place this week in Salt Lake City, Utah. The official AHIMA Resources twitter account promoted the hashtag #AHIMA11 in the weeks building up to the conference, in hopes that attendees would share personal experiences, tweet live events and enjoy the networking affairs. Here is a twitter recap of those who chose to do so.
More
Bring Your Own Device
October 4, 2011 | John Halamka
At BIDMC, I oversee 10,600 desktops and 2000 laptops. They are all locked down with System Center Configuration Manager 2007 and McAfee ePolicy Orchestrator.
More
Comments on CLIA/HIPAA Harmonization (Patient Access to Labs) NPRM
September 30, 2011 | Keith W. Boone
HHS announced the publication of a new proposed rule titled: CLIA Program and HIPAA Privacy Rule; Patients’ Access to Test Reports.
More
How to manage HIPAA security in a way that actually enhances security and doesn't just fill in documentation
September 20, 2011 | Shahid Shah
I get lots of questions about HIPAA security these days; especially as EHR firms, hospitals, payers, and startups alike are being asked about their HIPAA policies. My general recommendation is that you should forget about HIPAA at first.
More
How to Evaluate a HIPAA Security Compliant Data Center
September 1, 2011 | Nav Ranajee
If you host your healthcare data with a data center, certain administrative, physical and technical safeguards should be in place, as defined by the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.
More
Ponemon Institute survey on cloud data security exposes gulf between IT security and compliance officers
November 1, 2011 | Prasad Dindigal
Vormetric, Inc., the leader in enterprise systems encryption and key management, today announced the results from an independent research report conducted by the Ponemon Institute on how organizations manage data security risks in cloud computing environments. The survey of 1,000 IT security practitioners and enterprise compliance officers revealed that less than half of all respondents believe their organizations have adequate technologies to secure their cloud infrastructures. Meanwhile, the two groups sharply disagreed on whether the cloud is as secure as on-premise datacenters, who is responsible for cloud data security, and what security measures should be used.
More
Florida HIE live with direct messaging
August 31, 2011 | Industry News Release
Harris Corporation, an international communications and information technology company, in partnership with the Florida Agency for Health Care Administration (AHCA), has launched a secure email service that enables health care providers to exchange health information electronically with other providers.
More
St. Jude Medical Center Helps Ease the Trauma of Premature Birth
July 7, 2011 | Industry News Release
When a baby requires care in the Neonatal Intensive Care Unit (NICU), it is a stressful time for the entire family. St. Jude Medical Center, part of the St. Joseph Health System, has made it a little easier. For parents with babies in the St. Jude NICU, no matter where they are, no matter if it is 2 a.m. or 2 p.m.-their infant is now as close as a computer or mobile device.
More
Health centers play key role in Indiana HIE's quality program
June 21, 2011 | Industry News Release
Seven community health centers and federally qualified health centers in central Indiana are now part of the Indiana Health Information Exchange's (IHIE) quality initiative, called the Quality Health First Program. Open Door Health Services, based in Muncie, is the latest participant the program.
More
Verizon boosts security offerings
June 2, 2011 | Industry News Release
To help health care organizations and their business partners address evolving federal requirements for health data security and privacy, Verizon is enhancing two of its security programs.
More
ONC's Doug Fridsma joins HL7 board
May 31, 2011 | Industry News Release
Health Level Seven® International (HL7), the global authority for interoperability and standards in healthcare information technology with members in 55 countries, today announced the appointment of Doug Fridsma, MD, PhD, director of the Office of Interoperability and Standards, Office of the National Coordinator for Health Information Technology (ONC), to the HL7 Board of Directors.
More
Michigan hospital taps CareTech for IT monitoring
May 31, 2011 | Industry News Release
CareTech Solutions, an information technology and Web products and services provider for more than 180 U.S. hospitals and health systems, announced today that St. Luke's Hospital & Health Network (SLHHN) in Bethlehem, PA. selected the company to provide remote 24/7/365 IT infrastructure monitoring from CareTech's Healthcare Infrastructure Operations Center (HIOC), a technology hub for the storing and monitoring of data, systems and applications located in Troy, Mich.
More
HITRUST Addresses Risk Assessment Issues for Small Healthcare Organizations
May 26, 2011 | Industry News Release
The Health Information Trust Alliance (HITRUST) announced today a new component of the CSF Assurance program targeted at healthcare organizations with annual revenue less than $25 million. The new security assessment approach addresses the wide-scale inaccuracies found in assessments conducted by smaller organizations and extends the reach and value of the CSF Assurance program, the most widely used approach for documenting risk assessment information in the healthcare industry. The HITRUST CSF Assessment for Small Organizations is a practical and effective solution for organizations wanting to perform accurate assessments of their information security environment and address the requirements of meaningful use.
More
Brooklyn practice achieves MU Stage 1
May 25, 2011 | Industry News Release
Sage Healthcare Division, a unit of Sage North America, announced today that its client, Dr. Moore & Associates, a primary care practice in Brooklyn, NY, is among several of the company's clients to successfully attest to Stage 1 meaningful use under the Medicare EHR Incentive Program.
More
VA puts ‘point-of-care research’ to the test
May 9, 2011 | Industry News Release
A team from the Department of Veterans Affairs (VA) and Stanford University is exploring a new approach to clinical trials that experts say will cost less and be easier to translate into practice.
More
Missouri health system to roll out new EHR
May 6, 2011 | Industry News Release
Hannibal Regional Healthcare System, which operates a not-for-profit community hospital in northeast Missouri, has selected the Sunrise Enterprise suite of solutions from Allscripts.
More
NEW AMA-MGMA ONLINE DIRECTORY HELPS PHYSICIANS SELECT PRACTICE MANAGEMENT SYSTEM SOFTWARE
April 28, 2011 | Industry News Release
Selecting the correct software to use in a medical practice is critical for physicians, particularly now that all technology-based practices must be compliant with the government's updated standard for electronic claims transactions. The new standard, known as HIPAA Version 5010, will be required by January 1, 2012. The American Medical Association (AMA) and the Medical Group Management Association (MGMA) have made the software selection process easier by developing an online directory of software vendors that helps physicians determine whether the vendors’ practice management systems are compliant with the 5010 standard. A companion piece to the recently released Selecting a Practice Management System toolkit, the Practice Management System Software Directory provides detailed vendor profiles, enabling physicians to easily choose the software that best fits their needs.
More