Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
The U.S. government's new $450 million job training program targets 270 community colleges across the country, many of which plan to offer courses in health IT.
October 8, 2014
News
Add Facebook to the list of Silicon Valley technology companies looking for ways to make personal health data a new part of their growth strategy. Like Apple and Google, the social network is said to be developing wellness apps, as well as health discussion groups for its 1.3 billion users.
October 6, 2014
News
As Shellshock, the latest serious cybersecurity flaw, casts its shadow over healthcare, the U.S. Food and Drug Administration has finalized a set of recommendations to protect medical devices from Web-based attacks.
October 2, 2014
News
If you think you'll be able to dodge a data breach without putting in some serious work, think again. This year, healthcare organizations have reported more breaches than ever -- a 10 percent jump, on average. So what are they doing to improve these numbers? Not nearly enough, says the Ponemon Institute.
October 1, 2014
News
A mail merge gone wrong has officials at the University of Florida and Texas Health and Human Services rushing to send patient notification letters after the error, which occurred a year ago, resulted in a data breach.
September 29, 2014
News
The Health Information Trust Alliance has put out a word of warning about Shellshock, a system vulnerability it says could wreak much more damage than the infamous Heartbleed bug.
September 29, 2014
News
The HHS Office of the Inspector General found one "critical vulnerability" in the security of information on HealthCare.gov, according to a report it released Tuesday.
September 23, 2014
News
"Just by having an app on your device, (a cybercriminal) can determine your call history, take your contact list info, if they choose to." That's how vulnerable smartphones, tablets and their mobile ilk actually are, Jim Routh said, and it's not just the devices that chief information security officers like him have to worry about.
September 23, 2014
News
App developers, who say they are being left out of important mHealth privacy and security conversations, are calling on the federal government to give them a little more transparency around the issues.
September 18, 2014
News
The Healthcare IT News/HIMSS Media Privacy & Security Forum in Boston featured 47 speakers who shared info and strategized over how to combat cybercrime and other pressing challenges to patient data. Here are four takeaways from the event.
September 17, 2014
News
Texas Health is hardly the only hospital or health network that struggles to convince the CEO, CFO or other board members just how critical funding security initiatives and technologies really is, but it did use a unique approach to get their attention.
September 17, 2014
News
A Huntsville, Ala., clinical diagnostics laboratory has notified more than 7,000 individuals of a HIPAA breach after the company discovered protected health information contained on a third-party server had been unsecured for nearly three years.
September 11, 2014
News
Short 5 minute video that offers a quick overview of the Dell Mobile Clinical Computing solution
September 22, 2014
Resource
Protect
http://www.dell.com/learn/us/en/70/videos~en/documents~dell-craig-spencer.aspx
Examine the total economic impact that you can realize by using Dell™ Mobile Clinical Computing (MCC). Discover how Tallahassee Memorial HealthCare (TMH) achieved clinical efficiency, data security and IT productivity by implementing Dell MCC.
September 22, 2014
Resource
sites/default/files/resource-media/pdf/total-economic-impact-mcc-solution.pdf
Protect
One page brochure that provides a quick solution overview and outlines the benefits of the Dell Mobile Clinical Computing Solution.
September 22, 2014
Resource
sites/default/files/resource-media/pdf/dell_mcc_infographic_brochure5.pdf
Protect
To demonstrate meaningful use of electronic health records (EHR), as required by the HITECH Act, hospitals must fulfill the seemingly contradictory mandates to increase the sharing of patients' protected health information while also keeping it secure. Notable Solutions adds a layer of security and control to paper-based and electronic processes, enabling HIPAA-compliant secure exchange of PHI. Download this white paper to learn how this advanced capture and output platform helps hospitals to reduce error, automatically mitigate the risk of noncompliance and avoid the fines, reputation damage and other costs of HIPAA violations and privacy breaches.
September 8, 2014
Resource
sites/default/files/resource-media/pdf/secure-exchange.pdf
Protect
Eighty one percent of healthcare organizations use smart devices to collect, store or transmit some form of PHI and 49 percent do nothing to protect them. In fact, theft or loss of portable and unencrypted devices is the leading source of reported HIPAA data breaches and fines.
September 8, 2014
Resource
sites/default/files/resource-media/pdf/point-of-care.pdf
Protect
Every time a document or form is copied, scanned, printed, faxed or emailed -a patient's protected health information (PHI) can be accidentally exposed or intentionally compromised. Notable Solutions adds a layer of security and control to electronic and paper-based patient admissions and discharge processes. Download this white paper to learn how Notable Solutions is helping hospitals to minimize the manual work and decisions that invite human error, automatically mitigate the risk of non-compliance, and avoid the fines, reputation damage and other costs of HIPAA violations and privacy breaches.
September 8, 2014
Resource
sites/default/files/resource-media/pdf/securing-information.pdf
Protect
Learn how to build a risk-stratified response plan to secure medical data whenever a visual privacy incident is reported to limit potential harm to patients and the organization.
August 21, 2014
Resource
sites/default/files/resource-media/pdf/3msdp2301_h4_hc_privacybreach_081314.pdf
Protect
Identify the risks, review healthcare compliance issues, and consider recommended solutions to help protect medical data on mobile devices.
August 21, 2014
Resource
sites/default/files/resource-media/pdf/3msdp2301_h2_hc_compliancerisks_081314.pdf
Protect
Establish security controls to examine how healthcare officials can better address low-tech vulnerabilities like human error and a lack of visual privacy, that can help companies remain compliant with HIPAA regulation.
August 21, 2014
Resource
sites/default/files/resource-media/pdf/3msdp2301_h1_hc_privacyconcerns_081314.pdf
Protect
Patient safety and the reduction of medical errors are key drivers in the healthcare industry today. To address these needs, more and more providers are using laser-printed patient wristbands at the critical juncture of admitting patients to the facility. Wristbands that stay on the patient and remain readable after repeated use and extended treatments need to be easy to print, easy to read, and cost effective to deploy.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/hp_solution_brief_-_gain_efficiences_improve_patient_safety_-_hp_patient_identification_solution.pdf
Protect
A major Southeastern U.S. healthcare system needed to securely issue prescriptions directly from its two electronic medical record (EMR) systems: one for its hospitals and another for its clinics. Secure printing across the entire printer network was vital to reduce the risk of fraud and meet stringent government regulations. The HP Prescription Printing Security Solution was selected to meet this challenge.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/hp_solution_brief_-_secure_simplify_save_-_hp_prescription_printing_solution.pdf
Protect
Uncontrolled print environments in a hospital setting can present a serious risk to patient privacy, profit, institutional security, and profitability. You must protect sensitive information, secure devices, and improve 7x24 device availability in critical clinical environments to provide the care patients need and expect. To gain better control, you need to implement plans that meet industry regulations while also increasing productivity, lowering costs, and providing more flexible scanning and printing solutions for staff and clinicians.
July 10, 2014
Resource
sites/default/files/resource-media/pdf/hp_solution_brief_-_control_safeguard_comply_-_hp_access_control.pdf
Protect
One of the enduring ironies when it comes to health IT is the contradiction between the understandable concern among healthcare stakeholders over data security and the apparent willingness of patients to share their own information. Two recent polls bear this out.
February 6, 2014
Blog
The recent FTC decision in the LabMD case has HIPAA-watchers scratching their heads, tugging their beards, and generally wondering about reconciling FTC-style litigation-based regulation with OCR-style rule-based regulation of health care data privacy and security.
January 30, 2014
Blog
IT may not get much credit when it comes to saving patient lives, but there's no denying that cloud technologies can help do just that. By making medical data immediately available to providers, cloud-enabled applications can share test results, identify medication allergies and improve patient outcomes.
January 29, 2014
Blog
Recently I was invited by the Patient Privacy Rights Foundation to lead a discussion that addressed patient privacy concerns and potential solutions for doctors working with EHRs.
January 27, 2014
Blog
2014 represents a transformative year for healthcare in the United States. Exciting innovations are making a significant impact on the industry, and I am hopeful that we will see a transformation across the industry to more consumer-centric and value-driven healthcare.
January 14, 2014
Blog
Here we go again! As I've stated many times before, no pictures in the hospital and no posting them on social networking sites.
December 9, 2013
Blog
The good news for patients is that their personal health information is becoming more secure all the time. But it takes unfortunate breaches, such as an event that occurred in Charlotte in August 2013, to highlight the need for increasingly stronger data-security provisions.
November 25, 2013
Blog
A common and somewhat unique aspect to EHR vendor contracts is that the EHR vendor lays claim to the data entered into their system. It confounds us as to why healthcare organizations let their vendors of choice get away with this.
November 19, 2013
Blog
The idea of risk management in information security has always been a bit difficult to pin down. For example, there is too little historical and behavioral data to identify trends or make predictions with confidence.
October 16, 2013
Blog
Organizations are showing a remarkable appetite to innovate using the latest in cloud technology, but also concerns over whether the cloud is secure enough to protect electronic patient health information. And everyone wants to know - is my service provider compliant?
September 20, 2013
Blog
There is no question that the resources required to process, analyze, and manage petabytes of genomic information represent a huge burden. That burden becomes even greater when one factors in the need to handle these data in compliance with an alphabet soup of regulatory regimes.
September 4, 2013
Blog
If you’re a healthcare provider who has shied away from the cloud due to security concerns, you could be making a grave mistake. In fact, moving to the cloud can increase data security.
August 29, 2013
Blog
Sage Healthcare Division, a unit of Sage North America, announced today that its client, Dr. Moore & Associates, a primary care practice in Brooklyn, NY, is among several of the company's clients to successfully attest to Stage 1 meaningful use under the Medicare EHR Incentive Program.
May 25, 2011
Press Release
A team from the Department of Veterans Affairs (VA) and Stanford University is exploring a new approach to clinical trials that experts say will cost less and be easier to translate into practice.
May 9, 2011
Press Release
Hannibal Regional Healthcare System, which operates a not-for-profit community hospital in northeast Missouri, has selected the Sunrise Enterprise suite of solutions from Allscripts.
May 6, 2011
Press Release
Selecting the correct software to use in a medical practice is critical for physicians, particularly now that all technology-based practices must be compliant with the government's updated standard for electronic claims transactions. The new standard, known as HIPAA Version 5010, will be required by January 1, 2012. The American Medical Association (AMA) and the Medical Group Management Association (MGMA) have made the software selection process easier by developing an online directory of software vendors that helps physicians determine whether the vendors’ practice management systems are compliant with the 5010 standard. A companion piece to the recently released Selecting a Practice Management System toolkit, the Practice Management System Software Directory provides detailed vendor profiles, enabling physicians to easily choose the software that best fits their needs.
April 28, 2011
Press Release
PhoneFactor, the leading global provider of phone-based authentication, today released the results of its recent survey on multi-factor authentication. The results indicate organizations that utilize security tokens, many of which are already frustrated with the burden tokens place on their IT departments and end users, are being driven to action by the recent RSA breach.
April 27, 2011
Press Release
CDW LLC (CDW), a leading provider of technology solutions to business, government, education and healthcare, today released the findings of its Video Conferencing Straw Poll Report. The report finds that half of companies use some form of video conferencing today and another quarter plan to implement the technology within the next two years. Video conferencing adoption, driven by reduced operating costs, improved decision making and improved communication, will branch out beyond simple peer-to-peer devices into more cutting-edge collaborative video conferencing systems, such as immersive telepresence.
April 25, 2011
Press Release
To ensure downtime access to current patient data after moving to electronic medical records (EMRs) and electronic medication administration records (eMARs), Hancock Regional Hospital in Greenfield, IN implemented NetSafe, Interbit Data's downtime protection and business continuance solution.
July 29, 2010
Press Release
Twin County Regional Hospital is expanding its McKesson Paragon hospital information system to increase efficiency and help improve patient safety across the entire medical community of Galax, Va. and surrounding areas.
January 8, 2010
Press Release