Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Call it big data bloodlust: The more health information being generated by a growing contingency of apps, devices, electronic health records, mHealth sensors and wearables, the broader and stronger the desire for that data becomes.
June 30, 2014
News
In one of the largest HIPAA breaches ever reported, the Montana Department of Public Health and Human Services is notifying some 1.3 million people after hackers gained unfettered access to an agency server for nearly a year before being discovered.
June 25, 2014
News
More than 60 percent of all industries worldwide embrace BYOD, says Mac McMillan, CEO of the information security company CynergisTek and chairman of the HIMSS Privacy and Security Task Force. In healthcare, that number stands at around 85 percent, with 92 percent of that number saying personal mobile devices are in use multiple times every day.
June 25, 2014
News
As myriad healthcare organizations have attested, the aftermath of a HIPAA violation generally isn't a pretty sight, especially when it comes to one's bank account. One Indiana-based health system has witnessed this reality after being slapped with an $800,000 settlement for violating the HIPAA Privacy Rule.
June 24, 2014
News
The U.S. Department of Health & Human Services has launched a federal probe into HIPAA privacy violations at the University of Cincinnati Medical Center, according to an HHS spokesperson.
June 24, 2014
News
Data attacks on healthcare organizations have increased a whopping 100 percent from just four years ago, a reality that has chief security and information officers in a dash to stay ahead of the data protection curve.
June 23, 2014
News
In one of her first orders of business as new Health and Human Services Secretary, Sylvia Mathews Burwell has made management changes aimed at ensuring that HealthCare.gov is robust enough to handle the upcoming open enrollment period.
June 23, 2014
News
Some 90 percent of healthcare organizations have reported at least one data breach in the past two years, with more than a third seeing more than five breaches. Gerry Hinkley, partner at Pillsbury Winthrop Shaw Pittman's healthcare practice, says breach response is where many make major missteps, mistakes that can easily be avoided.
June 20, 2014
News
More than 20,000 patients seen at a San Diego hospital are getting HIPAA breach notification letters after employees on two separate occasions emailed protected health information to job applicants by mistake. One incident occurred nearly two years ago.
June 19, 2014
News
It's not just the thought of having a data security breach that scares Kaiser Permanente's Jim Doggett. It's the far-reaching damage such an event could wreak that really keeps him up at night.
June 17, 2014
News
Eighty percent of respondents to the inaugural 2014 HIMSS Analytics Cloud Survey say they currently use cloud-based IT services, for everything from human resources technology to data backup and disaster recovery. Still qualms about performance and privacy persist.
June 17, 2014
News
Imagine if almost everyone walking into your hospital -- patients, doctors, visitors, salespeople -- was carrying an active homing beacon, which broadcast, unencrypted, their presence and repeatedly updated exact location to anyone who chose to listen.
June 16, 2014
News
The increasing fluidity and proliferation of protected health information (PHI) on the web and mobile devices has created many new avenues for cyber attacks and the theft of personal health information. In fact, the Federal Bureau of Investigation (FBI) just released a warning to the healthcare industry recognizing the vulnerability of electronic health records (EHR). This report offers real insight from healthcare IT executives on the threats targeting healthcare data and the top ten recommendations for maintaining privacy in a mobile environment.
May 29, 2014
Resource
sites/default/files/resource-media/pdf/iht2-10-steps-data-privacy-changing-mobile-world.pdf
Protect
Cloud computing is still a nascent market in the healthcare industry, yet healthcare organizations are beginning to incorporate the ability to use remote servers and networks to store, manage and process data into their short- and long-term plans. This in depth paper with actionable insight from industry leading speakers at the executive briefing is designed to help you navigate issues of moving to the cloud, new models of care, seizing the right opportunities and overcoming barriers.
May 20, 2014
Resource
sites/default/files/resource-media/pdf/verizon_event_briefing_wp.pdf
Protect
HIPAA-compliant hosting can help healthcare organizations address issues in the areas of cost containment, cost predictability, rapid application rollout and expertise utilization. Any healthcare-related organization, including Business Associates of HIPAA Covered Entities, should consider the use of a well-qualified cloud provider that can host patient portals, health information exchanges, email and other services that healthcare organizations must manage. This white paper addresses some of the key issues in healthcare management and how a well-qualified, compliant hosting provider can help organizations to reduce costs and better meet their obligations. Understand the key focus areas on fulfilling Meaningful Use Stage 2 requirements, managing medical image archives, enabling application decommissioning, implementing Disaster Recovery for EHR and EMR, and HIPAA-Compliant Hosting.
May 16, 2014
Resource
sites/default/files/resource-media/pdf/lw_wp_key_issues_in_healthcare_compliance_and_cost2.pdf
Protect
Healthcare cybersecurity is rapidly coming into focus as a pressing need. Recent FBI reports and data breach events underscore what industry insiders already know - healthcare needs solutions for properly protecting information. Because healthcare must also deal with shrinking reimbursement and uncertain regulatory pressures, these solutions must be practical, effective, and facilitate patient care. To learn more about Cybersecurity in the healthcare space and its importance, please join Leidos Health for this free webinar.
May 14, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/healthcare-cybersecurity-3-practical-solutions?affiliatedata=website
Learn the challenges healthcare organizations have in locking down their HIPAA compliant applications in the cloud. See the latest data breaches and solutions to keeping your ePHI protected in the cloud.
March 25, 2014
Resource
sites/default/files/resource-media/pdf/firehost-locking-down-the-cloud-health-2014.pdf
Protect
Read through valuable insights on the changing landscape of the Healthcare IT industry today. Learn about leading practices from our thought leaders and their strategic thinking through a series of interviews by Deloitte’s key industry leaders, client interviews, research and thought leadership articles on government reform, new risk-based models such as value-based care, M&A activities, growing patient populations and increased competition amid shrinking resources that are driving transformation.
February 17, 2014
Resource
Protect
http://www.pageturnpro.com/MedTech-Media/56077-The-Innovator-Hospital-Poised-to-Deliver-Future-Care/index.html
Collaborative care offers tremendous benefit for patients, but demands PHI accessibility across the complex healthcare environment and across multiple users and locations. Information sharing without the worry of unauthorized access or a data breach is critical to ensure patient trust and avoid regulatory fines. In a business that’s constantly changing with new technologies, such as cloud and BYOD, and offering new ways of interacting with patients and providers, the need for secure access to patient data is critical. Download the latest RSA white paper, “Cybercrime and the Healthcare Industry,” to learn about the latest cyber threats targeting patient data and key areas of consideration in implementing security and access controls to address HIPAA, Meaningful Use, and other regulations.
February 14, 2014
Resource
sites/default/files/resource-media/pdf/cybhc_wp_0713.pdf
Protect
From online shopping and banking to accessing personal health information, consumers are moving more of their personal lives to the Web. The explosion of digital identities and loss of customer information from data breaches is driving the need for effective consumer-facing authentication and access management tools. Yet, many organizations lack adequate controls to secure access to their consumer Web portals out of fear of disrupting the user experience. The latest Forrester Research report, “Consumer Web Portals: Platforms at Significant Security Risk,” where you will gain insight on the risks and threats.
February 14, 2014
Resource
sites/default/files/resource-media/pdf/consumer_web_portals_-_platforms_at_significant_risk_december_2013.pdf
Protect
For enterprises looking at NGFWs, the most important consideration is: Will this new technology empower your security teams to securely enable applications to the benefit of the organization? It's not about blocking applications, but safely enabling these applications at the firewall.
January 31, 2014
Resource
sites/default/files/resource-media/pdf/10-things.pdf
Protect
Cybersecurity has become a leading topic both within and beyond the corporate boardroom. What enterprises need to stop the escalation of cyberattacks is a network security approach that is designed from the outset to enable the safe use of the applications and technologies required to support a thriving business.
January 31, 2014
Resource
sites/default/files/resource-media/pdf/cybersecurity-imperatives.pdf
Protect
This paper examines three different organizations, the legacy infrastructure they replaced, the Palo Alto Networks next generation security platform they deployed, and the substantial savings they realized - cutting both capital and operations costs by an average of 50%.
January 31, 2014
Resource
sites/default/files/resource-media/pdf/reducing-costs-with-nextgen-security.pdf
Protect
Iron Mountain has prepared this primer to help you navigate the changes in HIPAA, clarify the role of vendors and other third parties, and heighten your awareness of best practices that will aid in compliance and improve the management of both paper and electronic health records.
October 21, 2013
Resource
sites/default/files/resource-media/pdf/hipaa_primer-andthe-omnibus_final_rule_2013.pdf
Protect
Recently I was invited by the Patient Privacy Rights Foundation to lead a discussion that addressed patient privacy concerns and potential solutions for doctors working with EHRs.
January 27, 2014
Blog
2014 represents a transformative year for healthcare in the United States. Exciting innovations are making a significant impact on the industry, and I am hopeful that we will see a transformation across the industry to more consumer-centric and value-driven healthcare.
January 14, 2014
Blog
Here we go again! As I've stated many times before, no pictures in the hospital and no posting them on social networking sites.
December 9, 2013
Blog
The good news for patients is that their personal health information is becoming more secure all the time. But it takes unfortunate breaches, such as an event that occurred in Charlotte in August 2013, to highlight the need for increasingly stronger data-security provisions.
November 25, 2013
Blog
A common and somewhat unique aspect to EHR vendor contracts is that the EHR vendor lays claim to the data entered into their system. It confounds us as to why healthcare organizations let their vendors of choice get away with this.
November 19, 2013
Blog
The idea of risk management in information security has always been a bit difficult to pin down. For example, there is too little historical and behavioral data to identify trends or make predictions with confidence.
October 16, 2013
Blog
Organizations are showing a remarkable appetite to innovate using the latest in cloud technology, but also concerns over whether the cloud is secure enough to protect electronic patient health information. And everyone wants to know - is my service provider compliant?
September 20, 2013
Blog
There is no question that the resources required to process, analyze, and manage petabytes of genomic information represent a huge burden. That burden becomes even greater when one factors in the need to handle these data in compliance with an alphabet soup of regulatory regimes.
September 4, 2013
Blog
If you’re a healthcare provider who has shied away from the cloud due to security concerns, you could be making a grave mistake. In fact, moving to the cloud can increase data security.
August 29, 2013
Blog
While role-based access control has uses in every industry, healthcare systems in particular can benefit from a proper implementation of these solutions.
August 26, 2013
Blog
As healthcare providers rely more and more on evolving technologies to store and transmit their data, compliance has become an increasingly complex landscape to navigate.
August 2, 2013
Blog
I have been following the news about the National Security Agency (NSA) access to our phone records with great interest. If we as a society don’t sort some of this out, we’ll see a repeat in the health sector a few years from now.
June 26, 2013
Blog
Sage Healthcare Division, a unit of Sage North America, announced today that its client, Dr. Moore & Associates, a primary care practice in Brooklyn, NY, is among several of the company's clients to successfully attest to Stage 1 meaningful use under the Medicare EHR Incentive Program.
May 25, 2011
Press Release
A team from the Department of Veterans Affairs (VA) and Stanford University is exploring a new approach to clinical trials that experts say will cost less and be easier to translate into practice.
May 9, 2011
Press Release
Hannibal Regional Healthcare System, which operates a not-for-profit community hospital in northeast Missouri, has selected the Sunrise Enterprise suite of solutions from Allscripts.
May 6, 2011
Press Release
Selecting the correct software to use in a medical practice is critical for physicians, particularly now that all technology-based practices must be compliant with the government's updated standard for electronic claims transactions. The new standard, known as HIPAA Version 5010, will be required by January 1, 2012. The American Medical Association (AMA) and the Medical Group Management Association (MGMA) have made the software selection process easier by developing an online directory of software vendors that helps physicians determine whether the vendors’ practice management systems are compliant with the 5010 standard. A companion piece to the recently released Selecting a Practice Management System toolkit, the Practice Management System Software Directory provides detailed vendor profiles, enabling physicians to easily choose the software that best fits their needs.
April 28, 2011
Press Release
PhoneFactor, the leading global provider of phone-based authentication, today released the results of its recent survey on multi-factor authentication. The results indicate organizations that utilize security tokens, many of which are already frustrated with the burden tokens place on their IT departments and end users, are being driven to action by the recent RSA breach.
April 27, 2011
Press Release
CDW LLC (CDW), a leading provider of technology solutions to business, government, education and healthcare, today released the findings of its Video Conferencing Straw Poll Report. The report finds that half of companies use some form of video conferencing today and another quarter plan to implement the technology within the next two years. Video conferencing adoption, driven by reduced operating costs, improved decision making and improved communication, will branch out beyond simple peer-to-peer devices into more cutting-edge collaborative video conferencing systems, such as immersive telepresence.
April 25, 2011
Press Release
To ensure downtime access to current patient data after moving to electronic medical records (EMRs) and electronic medication administration records (eMARs), Hancock Regional Hospital in Greenfield, IN implemented NetSafe, Interbit Data's downtime protection and business continuance solution.
July 29, 2010
Press Release
Twin County Regional Hospital is expanding its McKesson Paragon hospital information system to increase efficiency and help improve patient safety across the entire medical community of Galax, Va. and surrounding areas.
January 8, 2010
Press Release