Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
The National Institutes of Health has issued a final policy it hopes will promote genomic data sharing as a way to improve health while still protecting the privacy of research participants.
August 28, 2014
News
A restrictive new rule change from the Drug Enforcement Administration, making it more difficult for physicians to prescribe opioids, will necessitate some changes to e-prescribing products and practices.
August 28, 2014
News
Consider the Assumption of Breach methodology that Seattle Children's Hospital Chief Information Security Officer Cris Ewell will delve into at the HIMSS Media and Healthcare IT News Privacy and Security Forum in Boston Sept. 8-9.
August 28, 2014
News
In a move meant to broaden its reach, improve security and help providers meet meaningful use, Georgia Health Information Network has upgraded its GeorgiaDirect messaging tool to offer access to the larger DirectTrust community.
August 27, 2014
News
Cedars-Sinai Health System notified its patients of a HIPAA breach, after an unencrypted hospital laptop containing patient medical data and Social Security numbers was stolen from an employee's home.
August 26, 2014
News
A decade ago almost all doctors kept paper charts on every patient. That is changing quickly as laptops become as common as stethoscopes in exam rooms. Here are some frequently asked questions about this evolution underway in American medicine and the government programs sparking the change.
August 21, 2014
News
When it comes to data breaches, hacking and loss or theft of unencrypted devices are far from healthcare security professionals' only concerns. Employee snooping and insider misuse also prove to be among the biggest privacy threats in the healthcare sector today.
August 19, 2014
News
In the second biggest HIPAA breach ever reported, one of the nation's largest healthcare systems has notified some 4.5 million of its patients that their personal information has been stolen by cybercriminals.
August 18, 2014
News
More than $26 billion has been invested, mostly in incentive payments to hospitals and eligible professionals who meaningfully use electronic health records. Yet just a small percentage of healthcare systems are electronically sharing data.
August 15, 2014
News
When asked how big his security team is at the 25-hospital Texas Health Resources, Chief Information Officer Ed Marx responds in a serious manner: "24,000" -- which happens to be the total number of people the health system employs.
August 15, 2014
News
To an industry waiting for more information on Apple's healthcare intentions, even a few crumbs here and there are too tasty to pass up. No word from Apple on timing yet, but Reuters has reported that anonymous sources revealed Apple has held HealthKit discussions with Mount Sinai, the Cleveland Clinic and Johns Hopkins, as well as Epic rival Allscripts.
August 14, 2014
News
With a nod to Apple and its famous 1997 TV spot, which highlighted doers and dreamers who colored outside the lines, we profile some of the 'crazy ones' who are helping transform health IT in new and unique ways.
August 12, 2014
News
In this webinar, learn how Tenet Healthcare CMIO Brian Ralston has created a more collaborative environment by embracing secure texting on mobile devices.
August 13, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/how-cmios-foster-collaboration-secure-texting?affiliatedata=website
Welcome to the era of the Electronic Health Record (EHR). The portability of critical data enabled through EHRs can mean stronger caregiver collaboration, better diagnoses and, ultimately, improved patient outcomes. But, this dynamic mobility for healthcare IT also means that providers must take a new approach to information security.
July 14, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/security-maturity-model-and-solutions-healthcare?affiliatedata=website
Patient safety and the reduction of medical errors are key drivers in the healthcare industry today. To address these needs, more and more providers are using laser-printed patient wristbands at the critical juncture of admitting patients to the facility. Wristbands that stay on the patient and remain readable after repeated use and extended treatments need to be easy to print, easy to read, and cost effective to deploy.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/hp_solution_brief_-_gain_efficiences_improve_patient_safety_-_hp_patient_identification_solution.pdf
Protect
A major Southeastern U.S. healthcare system needed to securely issue prescriptions directly from its two electronic medical record (EMR) systems: one for its hospitals and another for its clinics. Secure printing across the entire printer network was vital to reduce the risk of fraud and meet stringent government regulations. The HP Prescription Printing Security Solution was selected to meet this challenge.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/hp_solution_brief_-_secure_simplify_save_-_hp_prescription_printing_solution.pdf
Protect
Uncontrolled print environments in a hospital setting can present a serious risk to patient privacy, profit, institutional security, and profitability. You must protect sensitive information, secure devices, and improve 7x24 device availability in critical clinical environments to provide the care patients need and expect. To gain better control, you need to implement plans that meet industry regulations while also increasing productivity, lowering costs, and providing more flexible scanning and printing solutions for staff and clinicians.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/hp_solution_brief_-_control_safeguard_comply_-_hp_access_control.pdf
Protect
As healthcare leaders work to protect patients, their data, and comply with federal requirements, independent audits routinely expose a common blind spot and springboard for patient data breaches and even misdiagnoses: connected medical devices. From data loss to patient harm, hefty penalties and jail time, learn how to pinpoint and counter the hidden risks that can impair your organization's healthcare delivery, patient data security and compliance.
July 9, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/acing-audit-how-medical-devices-impact-your-hipaa-meaningful-use-and-fda-compli?affiliatedata=website
Much of the news surrounding healthcare in recent years has centered on the Affordable Care Act (ACA), which radically changes the way healthcare is provided to millions of Americans. Care providers, compliance officers, and legal departments are all too aware that the ACA is only the latest in a series of legislation and regulations to affect the healthcare industry over the past 20 years. Read this white paper and learn how affordable software tools now exist in order to conduct remote investigations quickly without paying a third-party service provider. In addition, you’ll learn how for many mid-sized organization in and around the healthcare industry, these investigations are slow and costly.
June 16, 2014
Resource
sites/default/files/resource-media/pdf/qs_healthcare_exec-brief_060514_approved_gsi.pdf
Protect
The increasing fluidity and proliferation of protected health information (PHI) on the web and mobile devices has created many new avenues for cyber attacks and the theft of personal health information. In fact, the Federal Bureau of Investigation (FBI) just released a warning to the healthcare industry recognizing the vulnerability of electronic health records (EHR). This report offers real insight from healthcare IT executives on the threats targeting healthcare data and the top ten recommendations for maintaining privacy in a mobile environment.
May 29, 2014
Resource
sites/default/files/resource-media/pdf/iht2-10-steps-data-privacy-changing-mobile-world.pdf
Protect
Cloud computing is still a nascent market in the healthcare industry, yet healthcare organizations are beginning to incorporate the ability to use remote servers and networks to store, manage and process data into their short- and long-term plans. This in depth paper with actionable insight from industry leading speakers at the executive briefing is designed to help you navigate issues of moving to the cloud, new models of care, seizing the right opportunities and overcoming barriers.
May 20, 2014
Resource
sites/default/files/resource-media/pdf/verizon_event_briefing_wp.pdf
Protect
HIPAA-compliant hosting can help healthcare organizations address issues in the areas of cost containment, cost predictability, rapid application rollout and expertise utilization. Any healthcare-related organization, including Business Associates of HIPAA Covered Entities, should consider the use of a well-qualified cloud provider that can host patient portals, health information exchanges, email and other services that healthcare organizations must manage. This white paper addresses some of the key issues in healthcare management and how a well-qualified, compliant hosting provider can help organizations to reduce costs and better meet their obligations. Understand the key focus areas on fulfilling Meaningful Use Stage 2 requirements, managing medical image archives, enabling application decommissioning, implementing Disaster Recovery for EHR and EMR, and HIPAA-Compliant Hosting.
May 16, 2014
Resource
sites/default/files/resource-media/pdf/lw_wp_key_issues_in_healthcare_compliance_and_cost2.pdf
Protect
Healthcare cybersecurity is rapidly coming into focus as a pressing need. Recent FBI reports and data breach events underscore what industry insiders already know - healthcare needs solutions for properly protecting information. Because healthcare must also deal with shrinking reimbursement and uncertain regulatory pressures, these solutions must be practical, effective, and facilitate patient care. To learn more about Cybersecurity in the healthcare space and its importance, please join Leidos Health for this free webinar.
May 14, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/healthcare-cybersecurity-3-practical-solutions?affiliatedata=website
Learn the challenges healthcare organizations have in locking down their HIPAA compliant applications in the cloud. See the latest data breaches and solutions to keeping your ePHI protected in the cloud.
March 25, 2014
Resource
sites/default/files/resource-media/pdf/firehost-locking-down-the-cloud-health-2014.pdf
Protect
One of the enduring ironies when it comes to health IT is the contradiction between the understandable concern among healthcare stakeholders over data security and the apparent willingness of patients to share their own information. Two recent polls bear this out.
February 6, 2014
Blog
The recent FTC decision in the LabMD case has HIPAA-watchers scratching their heads, tugging their beards, and generally wondering about reconciling FTC-style litigation-based regulation with OCR-style rule-based regulation of health care data privacy and security.
January 30, 2014
Blog
IT may not get much credit when it comes to saving patient lives, but there's no denying that cloud technologies can help do just that. By making medical data immediately available to providers, cloud-enabled applications can share test results, identify medication allergies and improve patient outcomes.
January 29, 2014
Blog
Recently I was invited by the Patient Privacy Rights Foundation to lead a discussion that addressed patient privacy concerns and potential solutions for doctors working with EHRs.
January 27, 2014
Blog
2014 represents a transformative year for healthcare in the United States. Exciting innovations are making a significant impact on the industry, and I am hopeful that we will see a transformation across the industry to more consumer-centric and value-driven healthcare.
January 14, 2014
Blog
Here we go again! As I've stated many times before, no pictures in the hospital and no posting them on social networking sites.
December 9, 2013
Blog
The good news for patients is that their personal health information is becoming more secure all the time. But it takes unfortunate breaches, such as an event that occurred in Charlotte in August 2013, to highlight the need for increasingly stronger data-security provisions.
November 25, 2013
Blog
A common and somewhat unique aspect to EHR vendor contracts is that the EHR vendor lays claim to the data entered into their system. It confounds us as to why healthcare organizations let their vendors of choice get away with this.
November 19, 2013
Blog
The idea of risk management in information security has always been a bit difficult to pin down. For example, there is too little historical and behavioral data to identify trends or make predictions with confidence.
October 16, 2013
Blog
Organizations are showing a remarkable appetite to innovate using the latest in cloud technology, but also concerns over whether the cloud is secure enough to protect electronic patient health information. And everyone wants to know - is my service provider compliant?
September 20, 2013
Blog
There is no question that the resources required to process, analyze, and manage petabytes of genomic information represent a huge burden. That burden becomes even greater when one factors in the need to handle these data in compliance with an alphabet soup of regulatory regimes.
September 4, 2013
Blog
If you’re a healthcare provider who has shied away from the cloud due to security concerns, you could be making a grave mistake. In fact, moving to the cloud can increase data security.
August 29, 2013
Blog
Sage Healthcare Division, a unit of Sage North America, announced today that its client, Dr. Moore & Associates, a primary care practice in Brooklyn, NY, is among several of the company's clients to successfully attest to Stage 1 meaningful use under the Medicare EHR Incentive Program.
May 25, 2011
Press Release
A team from the Department of Veterans Affairs (VA) and Stanford University is exploring a new approach to clinical trials that experts say will cost less and be easier to translate into practice.
May 9, 2011
Press Release
Hannibal Regional Healthcare System, which operates a not-for-profit community hospital in northeast Missouri, has selected the Sunrise Enterprise suite of solutions from Allscripts.
May 6, 2011
Press Release
Selecting the correct software to use in a medical practice is critical for physicians, particularly now that all technology-based practices must be compliant with the government's updated standard for electronic claims transactions. The new standard, known as HIPAA Version 5010, will be required by January 1, 2012. The American Medical Association (AMA) and the Medical Group Management Association (MGMA) have made the software selection process easier by developing an online directory of software vendors that helps physicians determine whether the vendors’ practice management systems are compliant with the 5010 standard. A companion piece to the recently released Selecting a Practice Management System toolkit, the Practice Management System Software Directory provides detailed vendor profiles, enabling physicians to easily choose the software that best fits their needs.
April 28, 2011
Press Release
PhoneFactor, the leading global provider of phone-based authentication, today released the results of its recent survey on multi-factor authentication. The results indicate organizations that utilize security tokens, many of which are already frustrated with the burden tokens place on their IT departments and end users, are being driven to action by the recent RSA breach.
April 27, 2011
Press Release
CDW LLC (CDW), a leading provider of technology solutions to business, government, education and healthcare, today released the findings of its Video Conferencing Straw Poll Report. The report finds that half of companies use some form of video conferencing today and another quarter plan to implement the technology within the next two years. Video conferencing adoption, driven by reduced operating costs, improved decision making and improved communication, will branch out beyond simple peer-to-peer devices into more cutting-edge collaborative video conferencing systems, such as immersive telepresence.
April 25, 2011
Press Release
To ensure downtime access to current patient data after moving to electronic medical records (EMRs) and electronic medication administration records (eMARs), Hancock Regional Hospital in Greenfield, IN implemented NetSafe, Interbit Data's downtime protection and business continuance solution.
July 29, 2010
Press Release
Twin County Regional Hospital is expanding its McKesson Paragon hospital information system to increase efficiency and help improve patient safety across the entire medical community of Galax, Va. and surrounding areas.
January 8, 2010
Press Release