Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Two large health insurers are hoping a new "public utility" patient data sharing service will improve one of the most pernicious problems in American healthcare.
August 29, 2014
News
Healthcare privacy and security experts from around the U.S. will gather in Boston, Sept. 8-9 to share information and strategize over how to combat cybercrime, insider threats and other pressing challenges to patient data.
August 28, 2014
News
The National Institutes of Health has issued a final policy it hopes will promote genomic data sharing as a way to improve health while still protecting the privacy of research participants.
August 28, 2014
News
A restrictive new rule change from the Drug Enforcement Administration, making it more difficult for physicians to prescribe opioids, will necessitate some changes to e-prescribing products and practices.
August 28, 2014
News
Consider the Assumption of Breach methodology that Seattle Children's Hospital Chief Information Security Officer Cris Ewell will delve into at the HIMSS Media and Healthcare IT News Privacy and Security Forum in Boston Sept. 8-9.
August 28, 2014
News
In a security landscape where threats are multiplying and criminals are getting craftier, simple HIPAA compliance is nowhere near enough
August 27, 2014
News
In a move meant to broaden its reach, improve security and help providers meet meaningful use, Georgia Health Information Network has upgraded its GeorgiaDirect messaging tool to offer access to the larger DirectTrust community.
August 27, 2014
News
Cedars-Sinai Health System is notifying its patients of a HIPAA breach, after an unencrypted hospital laptop containing patient medical data and Social Security numbers was stolen from an employee's home.
August 26, 2014
News
A decade ago almost all doctors kept paper charts on every patient. That is changing quickly as laptops become as common as stethoscopes in exam rooms. Here are some frequently asked questions about this evolution underway in American medicine and the government programs sparking the change.
August 21, 2014
News
When it comes to data breaches, hacking and loss or theft of unencrypted devices are far from healthcare security professionals' only concerns. Employee snooping and insider misuse also prove to be among the biggest privacy threats in the healthcare sector today.
August 19, 2014
News
In the second biggest HIPAA breach ever reported, one of the nation's largest healthcare systems has notified some 4.5 million of its patients that their personal information has been stolen by cybercriminals.
August 18, 2014
News
More than $26 billion has been invested, mostly in incentive payments to hospitals and eligible professionals who meaningfully use electronic health records. Yet just a small percentage of healthcare systems are electronically sharing data.
August 15, 2014
News
Analytically useful anonymized data maintains referential integrity, so that relationships between data elements can be teased out of a patient’s medical information. This is needed for many forms of advanced analytics—such as evidence-based medicine, predicting resource demands, or estimating patient health-risk factors.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/white_paper_the_analytic_utility_of_anonymized_data.pdf
Protect
To extract or maximize the value contained in databases, data custodians must often provide outside organizations access to their data. In order to protect the privacy of the individuals whose data is being disclosed, a data custodian must “de-identify” information before releasing it to a third-party. De-identification ensures that data cannot be matched to the person it describes. What might seem like a simple matter of masking a person’s direct identifiers (name, address), the problem of de-identification has proven more difficult and is an active area of scientific research.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/de-identification_101_final.pdf
Protect
Healthcare organizations are burdened with a deluge of data and it’s only getting worse over time. Whether it’s provider-generated observational data coming through EHRs, medical imaging and telemetry data, or patient-generated consumer device and genetic data, the traditional methods for managing health information do not scale. Given the enormous and ever-increasing value of healthcare data, new approaches to enterprise ILM are essential. And, with scarce resources limiting your ability to “do it yourself” you’ll need the right partners that understand and implement these new approaches.
October 21, 2013
Resource
sites/default/files/resource-media/pdf/strategies_for_healthcare_information_lifecycle_management.pdf
Protect
Healthcare workers are not immune to the BYOD trend. More & more healthcare facilities are allowing their clinicians the use of smart phones, tablets & other mobile devices to access applications and enable them to deliver care wherever & whenever needed. The use of these mobile devices also presents a huge risk to patient information. Read on to learn how Intel© Anti-theft technology can help keep your patient information safe.
July 2, 2013
Resource
sites/default/files/resource-media/pdf/securing-mobile-devices-in-healthcare-solution-brief1.pdf
Protect
In January 2012, Healthcare IT News conducted a survey to identify drivers and challenges for developing and deploying a solution for centralized digital document delivery that complies with healthcare industry regulations. Read this report to learn the key findings from the survey investigating trends in the adoption of digital document management systems by healthcare institutions since the rollout of the <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a> Act’s financial incentive programs.
September 2, 2012
Resource
sites/default/files/resource-media/pdf/opentext_white_paper_final.pdf
Protect
This whitepaper looks at the five ways doctors and their hospitals can benefit from the ability to achieve instant communications routed per physicians’ preferences. With the improved ability for doctors to coordinate care through well-routed communication requests, patient care gets a boost, staff satisfaction goes up, and the healthcare system can achieve overall greater efficiency.
June 1, 2012
Resource
sites/default/files/resource-media/pdf/amcom_5-ways-doctors-instant-communications.pdf
Protect
Learn how to build a risk-stratified response plan to secure medical data whenever a visual privacy incident is reported to limit potential harm to patients and the organization.
August 21, 2014
Resource
sites/default/files/resource-media/pdf/3msdp2301_h4_hc_privacybreach_081314.pdf
Protect
Identify the risks, review healthcare compliance issues, and consider recommended solutions to help protect medical data on mobile devices.
August 21, 2014
Resource
sites/default/files/resource-media/pdf/3msdp2301_h2_hc_compliancerisks_081314.pdf
Protect
Establish security controls to examine how healthcare officials can better address low-tech vulnerabilities like human error and a lack of visual privacy, that can help companies remain compliant with HIPAA regulation.
August 21, 2014
Resource
sites/default/files/resource-media/pdf/3msdp2301_h1_hc_privacyconcerns_081314.pdf
Protect
In this webinar, learn how Tenet Healthcare CMIO Brian Ralston has created a more collaborative environment by embracing secure texting on mobile devices.
August 13, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/how-cmios-foster-collaboration-secure-texting?affiliatedata=website
Welcome to the era of the Electronic Health Record (EHR). The portability of critical data enabled through EHRs can mean stronger caregiver collaboration, better diagnoses and, ultimately, improved patient outcomes. But, this dynamic mobility for healthcare IT also means that providers must take a new approach to information security.
July 14, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/security-maturity-model-and-solutions-healthcare?affiliatedata=website
Patient safety and the reduction of medical errors are key drivers in the healthcare industry today. To address these needs, more and more providers are using laser-printed patient wristbands at the critical juncture of admitting patients to the facility. Wristbands that stay on the patient and remain readable after repeated use and extended treatments need to be easy to print, easy to read, and cost effective to deploy.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/hp_solution_brief_-_gain_efficiences_improve_patient_safety_-_hp_patient_identification_solution.pdf
Protect
In reading an account of the recent attack on Community Health Systems, I was struck by the notion put across in the article that all we have to do is work harder to patch vulnerabilities, that with a better defense we can win the game against a skilled quarterback.
August 25, 2014
Blog
The consumerization of IT and the bring-your-own-device movement in the workplace has proven to be extremely beneficial for the healthcare industry, allowing providers to access patient data, billing information, clinical trial data and employee information on the go. However, this comes with a price.
August 12, 2014
Blog
Technology poses a constant dilemma. On one hand, it makes our lives easier and, in many cases, more efficient. However, it also leaves those who don’t understand or respect data security vulnerable to thieves, and the healthcare industry is a place where this reality rings especially true.
July 31, 2014
Blog
When it comes to leveraging the cloud for healthcare IT, I see two prevailing dynamics over and over. The first is that most organizations understand the benefits of the cloud very well. But when it comes to enjoying those benefits by partnering with the right provider, these same organizations are frequently lost.
June 24, 2014
Blog
The beauty of our technological world lies in the simple fact that as a technology is used by more people, it inevitably improves. Enterprise content management is no different.
May 29, 2014
Blog
HHS has released a new security risk assessment tool to help providers, and perhaps business partners, uncover potential weaknesses in their security policies, processes and systems.
May 19, 2014
Blog
What the healthcare industry needs to know about preventing security risk.
May 7, 2014
Blog
As I survey the landscape in 2014, I see much more sophisticated attacks at the same time there is much more severe regulatory enforcement. Where would I put my security dollars this year?
April 30, 2014
Blog
As technology continues to evolve, it can be difficult to resist getting caught by the "gee whiz" factor as we project what the future of healthcare could look like. But a new study may reveal the kind of challenges that lie ahead.
April 29, 2014
Blog
The Heartbleed web security exploit was first publicized several weeks ago. Fred Trotter notes in the MIT Technology Review that other similarly worrisome exploits do not get our attention in the same way, and that more health data leaks are likely in our future.
April 29, 2014
Blog
There are innumerable clinical, financial and compliance issues to be concerned about in this watershed era for the American healthcare system. However, do not forget about HIPAA.
April 17, 2014
Blog
As we discussed in Part I of this series, encryption plays a vital role in healthcare IT security, but not everyone understands the ins and outs. Today we're going to focus on the other more critical components of encryption.
March 28, 2014
Blog
The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body, in partnership with the Workgroup for Electronic Data Interchange (WEDI), today announced the formation of the new Practice Management System Accreditation Program (PMSAP).
July 15, 2014
Press Release
Numera, providing customizable solutions for companies interested in improving their offerings for healthy aging, chronic condition management, and post-acute careannounced its collaboration with ResMed on its patient engagement platform called SleepSeeker, a free online tool to improve patient compliance with therapy for sleep-disordered breathing.
June 18, 2013
Press Release
Cognosante, a provider of IT services for healthcare organizations, announced it was awarded a contract from Orion Health to provide integration and identity management for the first phase of the Massachusetts Statewide Health Information Exchange (HIE) program.
October 2, 2012
Press Release
Aetna and Hunterdon HealthCare Partners have announced a new accountable care agreement that will improve the quality and cost of patient care, helping members and plan sponsors save money.
July 19, 2012
Press Release
Vormetric, Inc., the leader in enterprise systems encryption and key management, today announced the results from an independent research report conducted by the Ponemon Institute on how organizations manage data security risks in cloud computing environments. The survey of 1,000 IT security practitioners and enterprise compliance officers revealed that less than half of all respondents believe their organizations have adequate technologies to secure their cloud infrastructures. Meanwhile, the two groups sharply disagreed on whether the cloud is as secure as on-premise datacenters, who is responsible for cloud data security, and what security measures should be used.
November 1, 2011
Press Release
Harris Corporation, an international communications and information technology company, in partnership with the Florida Agency for Health Care Administration (AHCA), has launched a secure email service that enables health care providers to exchange health information electronically with other providers.
August 31, 2011
Press Release
When a baby requires care in the Neonatal Intensive Care Unit (NICU), it is a stressful time for the entire family. St. Jude Medical Center, part of the St. Joseph Health System, has made it a little easier. For parents with babies in the St. Jude NICU, no matter where they are, no matter if it is 2 a.m. or 2 p.m.-their infant is now as close as a computer or mobile device.
July 7, 2011
Press Release
Seven community health centers and federally qualified health centers in central Indiana are now part of the Indiana Health Information Exchange's (IHIE) quality initiative, called the Quality Health First Program. Open Door Health Services, based in Muncie, is the latest participant the program.
June 21, 2011
Press Release
To help health care organizations and their business partners address evolving federal requirements for health data security and privacy, Verizon is enhancing two of its security programs.
June 2, 2011
Press Release
Health Level Seven® International (HL7), the global authority for interoperability and standards in healthcare information technology with members in 55 countries, today announced the appointment of Doug Fridsma, MD, PhD, director of the Office of Interoperability and Standards, Office of the National Coordinator for Health Information Technology (ONC), to the HL7 Board of Directors.
May 31, 2011
Press Release
CareTech Solutions, an information technology and Web products and services provider for more than 180 U.S. hospitals and health systems, announced today that St. Luke's Hospital & Health Network (SLHHN) in Bethlehem, PA. selected the company to provide remote 24/7/365 IT infrastructure monitoring from CareTech's Healthcare Infrastructure Operations Center (HIOC), a technology hub for the storing and monitoring of data, systems and applications located in Troy, Mich.
May 31, 2011
Press Release
The Health Information Trust Alliance (HITRUST) announced today a new component of the CSF Assurance program targeted at healthcare organizations with annual revenue less than $25 million. The new security assessment approach addresses the wide-scale inaccuracies found in assessments conducted by smaller organizations and extends the reach and value of the CSF Assurance program, the most widely used approach for documenting risk assessment information in the healthcare industry. The HITRUST CSF Assessment for Small Organizations is a practical and effective solution for organizations wanting to perform accurate assessments of their information security environment and address the requirements of meaningful use.
May 26, 2011
Press Release