Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
For wearable technology to live up to the hype, especially when it comes to healthcare, it will have to be "interoperable, integrated, engaging, social and outcomes-driven," according to PwC.
October 21, 2014
News
While it's clear how Apple's HealthKit and the newest smartphones will play in the healthcare realm, Apple Pay, which the company is rumored to be preparing for a debut when it announces new iPads this week, could actually have an impact there as well.
October 15, 2014
News
An academic medical center in California is notifying patients of a HIPAA breach after officials discovered that a physician's email account had been hacked by an outside source.
October 14, 2014
News
National coordinator Karen DeSalvo, MD, revealed on Tuesday that ONC now has a new Chief Privacy Officer. "She brings a set of rich experiences at the intersection of health information, privacy, and modernizing the health care delivery system," DeSalvo wrote in an email to staff.
October 14, 2014
News
The U.S. government's new $450 million job training program targets 270 community colleges across the country, many of which plan to offer courses in health IT.
October 8, 2014
News
Add Facebook to the list of Silicon Valley technology companies looking for ways to make personal health data a new part of their growth strategy. Like Apple and Google, the social network is said to be developing wellness apps, as well as health discussion groups for its 1.3 billion users.
October 6, 2014
News
As Shellshock, the latest serious cybersecurity flaw, casts its shadow over healthcare, the U.S. Food and Drug Administration has finalized a set of recommendations to protect medical devices from Web-based attacks.
October 2, 2014
News
If you think you'll be able to dodge a data breach without putting in some serious work, think again. This year, healthcare organizations have reported more breaches than ever -- a 10 percent jump, on average. So what are they doing to improve these numbers? Not nearly enough, says the Ponemon Institute.
October 1, 2014
News
A mail merge gone wrong has officials at the University of Florida and Texas Health and Human Services rushing to send patient notification letters after the error, which occurred a year ago, resulted in a data breach.
September 29, 2014
News
The Health Information Trust Alliance has put out a word of warning about Shellshock, a system vulnerability it says could wreak much more damage than the infamous Heartbleed bug.
September 29, 2014
News
The HHS Office of the Inspector General found one "critical vulnerability" in the security of information on HealthCare.gov, according to a report it released Tuesday.
September 23, 2014
News
"Just by having an app on your device, (a cybercriminal) can determine your call history, take your contact list info, if they choose to." That's how vulnerable smartphones, tablets and their mobile ilk actually are, Jim Routh said, and it's not just the devices that chief information security officers like him have to worry about.
September 23, 2014
News
Analytically useful anonymized data maintains referential integrity, so that relationships between data elements can be teased out of a patient’s medical information. This is needed for many forms of advanced analytics—such as evidence-based medicine, predicting resource demands, or estimating patient health-risk factors.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/white_paper_the_analytic_utility_of_anonymized_data.pdf
Protect
To extract or maximize the value contained in databases, data custodians must often provide outside organizations access to their data. In order to protect the privacy of the individuals whose data is being disclosed, a data custodian must “de-identify” information before releasing it to a third-party. De-identification ensures that data cannot be matched to the person it describes. What might seem like a simple matter of masking a person’s direct identifiers (name, address), the problem of de-identification has proven more difficult and is an active area of scientific research.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/de-identification_101_final.pdf
Protect
Healthcare organizations are burdened with a deluge of data and it’s only getting worse over time. Whether it’s provider-generated observational data coming through EHRs, medical imaging and telemetry data, or patient-generated consumer device and genetic data, the traditional methods for managing health information do not scale. Given the enormous and ever-increasing value of healthcare data, new approaches to enterprise ILM are essential. And, with scarce resources limiting your ability to “do it yourself” you’ll need the right partners that understand and implement these new approaches.
October 21, 2013
Resource
sites/default/files/resource-media/pdf/strategies_for_healthcare_information_lifecycle_management.pdf
Protect
Healthcare workers are not immune to the BYOD trend. More & more healthcare facilities are allowing their clinicians the use of smart phones, tablets & other mobile devices to access applications and enable them to deliver care wherever & whenever needed. The use of these mobile devices also presents a huge risk to patient information. Read on to learn how Intel© Anti-theft technology can help keep your patient information safe.
July 2, 2013
Resource
sites/default/files/resource-media/pdf/securing-mobile-devices-in-healthcare-solution-brief1.pdf
Protect
In January 2012, Healthcare IT News conducted a survey to identify drivers and challenges for developing and deploying a solution for centralized digital document delivery that complies with healthcare industry regulations. Read this report to learn the key findings from the survey investigating trends in the adoption of digital document management systems by healthcare institutions since the rollout of the <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a> Act’s financial incentive programs.
September 2, 2012
Resource
sites/default/files/resource-media/pdf/opentext_white_paper_final.pdf
Protect
This whitepaper looks at the five ways doctors and their hospitals can benefit from the ability to achieve instant communications routed per physicians’ preferences. With the improved ability for doctors to coordinate care through well-routed communication requests, patient care gets a boost, staff satisfaction goes up, and the healthcare system can achieve overall greater efficiency.
June 1, 2012
Resource
sites/default/files/resource-media/pdf/amcom_5-ways-doctors-instant-communications.pdf
Protect
The shift from fee-for-service to value-based care is creating significant financial and performance pressures for healthcare providers. As Health IT leaders work to harness cloud, Big Data, mobile, and social technology to optimize their EMR, building a trusted hybrid cloud infrastructure lays the foundation for team-based care. In this whitepaper, learn how a hybrid cloud framework enables coordinated care to improve patient care delivery, lower IT costs, and increase business agility -- including recommended steps and solutions.
October 15, 2014
Resource
sites/default/files/resource-media/pdf/hybrid_cloud_powers_next_generation_health_it_emc_whitepaper.pdf
Protect
The shift from fee-for-service to value-based care is creating significant financial and performance pressures for healthcare providers. As Health IT leaders work to harness cloud, Big Data, mobile, and social technology to optimize their EMR, building a trusted hybrid cloud infrastructure lays the foundation for team-based care. In this whitepaper, learn how a hybrid cloud framework enables coordinated care to improve patient care delivery, lower IT costs, and increase business agility -- including recommended steps and solutions.
October 15, 2014
Resource
sites/default/files/resource-media/pdf/hybrid_cloud_powers_next_generation_health_it_emc_whitepaper.pdf
Protect
This webinar will cover malicious cybercrime, the evolution of hackers, and how it affects the corporate IT landscape. Hear about how NaviSite and Alert Logic have teamed up to provide relevant security solutions and strategies for businesses to use to prevent harmful cyber activity affecting the Healthcare Industry.
October 8, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/emerging-threats-healthcare-strategies-defense?affiliatedata=website
The cloud delivers many benefits: agility, performance, scalability and cost management. However, there are risks that come along with those benefits: users and organizations that are not security conscious and those without cloud-specific security solutions can be in jeopardy if they do not properly research their deployment requirements and find proven solutions. Learn why an organization's security posture must extend from edge devices to the heart of the business -- the data center -- whether that data center is on-premises, within the cloud, or a hybrid.
September 24, 2014
Resource
sites/default/files/resource-media/pdf/wp_alert_logic_cloud_security_report_-_spring_20141.pdf
Protect
Craft an optimized cloud security plan using the proven framework in this guide. These seven sequential steps enable organizations to structure security and compliance programs that take advantage of the financial benefits of managed cloud applications and services while meeting security and compliance goals.
September 24, 2014
Resource
sites/default/files/resource-media/pdf/wp_7_steps_to_cloud_security_aug142.pdf
Protect
One hour webinar that walks through the Dell Mobile Clinical Computing solution and why you may want to consider it for your environment.
September 22, 2014
Resource
Protect
http://www.dell.com/learn/us/en/70/videos~en/documents~eseminar-mobile-clinical-computing.aspx
In reading an account of the recent attack on Community Health Systems, I was struck by the notion put across in the article that all we have to do is work harder to patch vulnerabilities, that with a better defense we can win the game against a skilled quarterback.
August 25, 2014
Blog
The consumerization of IT and the bring-your-own-device movement in the workplace has proven to be extremely beneficial for the healthcare industry, allowing providers to access patient data, billing information, clinical trial data and employee information on the go. However, this comes with a price.
August 12, 2014
Blog
Technology poses a constant dilemma. On one hand, it makes our lives easier and, in many cases, more efficient. However, it also leaves those who don’t understand or respect data security vulnerable to thieves, and the healthcare industry is a place where this reality rings especially true.
July 31, 2014
Blog
When it comes to leveraging the cloud for healthcare IT, I see two prevailing dynamics over and over. The first is that most organizations understand the benefits of the cloud very well. But when it comes to enjoying those benefits by partnering with the right provider, these same organizations are frequently lost.
June 24, 2014
Blog
The beauty of our technological world lies in the simple fact that as a technology is used by more people, it inevitably improves. Enterprise content management is no different.
May 29, 2014
Blog
HHS has released a new security risk assessment tool to help providers, and perhaps business partners, uncover potential weaknesses in their security policies, processes and systems.
May 19, 2014
Blog
What the healthcare industry needs to know about preventing security risk.
May 7, 2014
Blog
As I survey the landscape in 2014, I see much more sophisticated attacks at the same time there is much more severe regulatory enforcement. Where would I put my security dollars this year?
April 30, 2014
Blog
As technology continues to evolve, it can be difficult to resist getting caught by the "gee whiz" factor as we project what the future of healthcare could look like. But a new study may reveal the kind of challenges that lie ahead.
April 29, 2014
Blog
The Heartbleed web security exploit was first publicized several weeks ago. Fred Trotter notes in the MIT Technology Review that other similarly worrisome exploits do not get our attention in the same way, and that more health data leaks are likely in our future.
April 29, 2014
Blog
There are innumerable clinical, financial and compliance issues to be concerned about in this watershed era for the American healthcare system. However, do not forget about HIPAA.
April 17, 2014
Blog
As we discussed in Part I of this series, encryption plays a vital role in healthcare IT security, but not everyone understands the ins and outs. Today we're going to focus on the other more critical components of encryption.
March 28, 2014
Blog
The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body, in partnership with the Workgroup for Electronic Data Interchange (WEDI), today announced the formation of the new Practice Management System Accreditation Program (PMSAP).
July 15, 2014
Press Release
Numera, providing customizable solutions for companies interested in improving their offerings for healthy aging, chronic condition management, and post-acute careannounced its collaboration with ResMed on its patient engagement platform called SleepSeeker, a free online tool to improve patient compliance with therapy for sleep-disordered breathing.
June 18, 2013
Press Release
Cognosante, a provider of IT services for healthcare organizations, announced it was awarded a contract from Orion Health to provide integration and identity management for the first phase of the Massachusetts Statewide Health Information Exchange (HIE) program.
October 2, 2012
Press Release
Aetna and Hunterdon HealthCare Partners have announced a new accountable care agreement that will improve the quality and cost of patient care, helping members and plan sponsors save money.
July 19, 2012
Press Release
Vormetric, Inc., the leader in enterprise systems encryption and key management, today announced the results from an independent research report conducted by the Ponemon Institute on how organizations manage data security risks in cloud computing environments. The survey of 1,000 IT security practitioners and enterprise compliance officers revealed that less than half of all respondents believe their organizations have adequate technologies to secure their cloud infrastructures. Meanwhile, the two groups sharply disagreed on whether the cloud is as secure as on-premise datacenters, who is responsible for cloud data security, and what security measures should be used.
November 1, 2011
Press Release
Harris Corporation, an international communications and information technology company, in partnership with the Florida Agency for Health Care Administration (AHCA), has launched a secure email service that enables health care providers to exchange health information electronically with other providers.
August 31, 2011
Press Release
When a baby requires care in the Neonatal Intensive Care Unit (NICU), it is a stressful time for the entire family. St. Jude Medical Center, part of the St. Joseph Health System, has made it a little easier. For parents with babies in the St. Jude NICU, no matter where they are, no matter if it is 2 a.m. or 2 p.m.-their infant is now as close as a computer or mobile device.
July 7, 2011
Press Release
Seven community health centers and federally qualified health centers in central Indiana are now part of the Indiana Health Information Exchange's (IHIE) quality initiative, called the Quality Health First Program. Open Door Health Services, based in Muncie, is the latest participant the program.
June 21, 2011
Press Release
To help health care organizations and their business partners address evolving federal requirements for health data security and privacy, Verizon is enhancing two of its security programs.
June 2, 2011
Press Release
Health Level Seven® International (HL7), the global authority for interoperability and standards in healthcare information technology with members in 55 countries, today announced the appointment of Doug Fridsma, MD, PhD, director of the Office of Interoperability and Standards, Office of the National Coordinator for Health Information Technology (ONC), to the HL7 Board of Directors.
May 31, 2011
Press Release
CareTech Solutions, an information technology and Web products and services provider for more than 180 U.S. hospitals and health systems, announced today that St. Luke's Hospital & Health Network (SLHHN) in Bethlehem, PA. selected the company to provide remote 24/7/365 IT infrastructure monitoring from CareTech's Healthcare Infrastructure Operations Center (HIOC), a technology hub for the storing and monitoring of data, systems and applications located in Troy, Mich.
May 31, 2011
Press Release
The Health Information Trust Alliance (HITRUST) announced today a new component of the CSF Assurance program targeted at healthcare organizations with annual revenue less than $25 million. The new security assessment approach addresses the wide-scale inaccuracies found in assessments conducted by smaller organizations and extends the reach and value of the CSF Assurance program, the most widely used approach for documenting risk assessment information in the healthcare industry. The HITRUST CSF Assessment for Small Organizations is a practical and effective solution for organizations wanting to perform accurate assessments of their information security environment and address the requirements of meaningful use.
May 26, 2011
Press Release