Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
The healthcare industry is swimming in Social Security numbers, thanks to the necessities of patient record management technology. But balancing those requirements with fraud mitigation and privacy protections is proving a big challenge.
October 23, 2014
News
"It isn't out of the realm of the possible" that medical device security flaws could "cause severe injury or death," according to a Department of Homeland Security official investigating devices and other pieces of hospital equipment for weaknesses that could be exploited in a cyberattack.
October 23, 2014
News
Wes Wright, chief information officer of Seattle Children's Hospital, had a couple big reasons for embracing a virtual desktop infrastructure strategy for the 323-bed tertiary care facility. "Speed and ubiquity," he says. But soon he found a bonus.
October 22, 2014
News
For wearable technology to live up to the hype, especially when it comes to healthcare, it will have to be "interoperable, integrated, engaging, social and outcomes-driven," according to PwC.
October 21, 2014
News
While it's clear how Apple's HealthKit and the newest smartphones will play in the healthcare realm, Apple Pay, which the company is rumored to be preparing for a debut when it announces new iPads this week, could actually have an impact there as well.
October 15, 2014
News
An academic medical center in California is notifying patients of a HIPAA breach after officials discovered that a physician's email account had been hacked by an outside source.
October 14, 2014
News
National coordinator Karen DeSalvo, MD, revealed on Tuesday that ONC now has a new Chief Privacy Officer. "She brings a set of rich experiences at the intersection of health information, privacy, and modernizing the health care delivery system," DeSalvo wrote in an email to staff.
October 14, 2014
News
The U.S. government's new $450 million job training program targets 270 community colleges across the country, many of which plan to offer courses in health IT.
October 8, 2014
News
Add Facebook to the list of Silicon Valley technology companies looking for ways to make personal health data a new part of their growth strategy. Like Apple and Google, the social network is said to be developing wellness apps, as well as health discussion groups for its 1.3 billion users.
October 6, 2014
News
As Shellshock, the latest serious cybersecurity flaw, casts its shadow over healthcare, the U.S. Food and Drug Administration has finalized a set of recommendations to protect medical devices from Web-based attacks.
October 2, 2014
News
If you think you'll be able to dodge a data breach without putting in some serious work, think again. This year, healthcare organizations have reported more breaches than ever -- a 10 percent jump, on average. So what are they doing to improve these numbers? Not nearly enough, says the Ponemon Institute.
October 1, 2014
News
A mail merge gone wrong has officials at the University of Florida and Texas Health and Human Services rushing to send patient notification letters after the error, which occurred a year ago, resulted in a data breach.
September 29, 2014
News
Recently, a powerful trend toward “patient engagement” has emerged driving transformation in how healthcare providers deliver services to those most impacted by healthcare decisions: patients. While this potential revolution in provider/patient relationships is taking place, healthcare IT organizations are facing serious challenges of their own. How can they best service those in the front-line engaging with the patients to drive enhanced patient care?
November 7, 2014
Resource
Protect
IT departments today are finding themselves squarely at the epicenter of healthcare compliance scrutiny. One of the many regulations to which they must adhere is “meaningful use,” which ties financial incentives to usage of electronic health records as part of the Medicare and Medicaid EHR Incentive Program. Now, with meaningful use deadlines fast approaching and concerns about compliance reaching the highest levels of healthcare organizations, IT professionals are finally being invited to step out of the basement and into the boardroom.
November 7, 2014
Resource
Protect
The security threat landscape is rapidly evolving: from risks with the proliferation of mobile devices to the increased sophistication of organized cyber criminals. Healthcare has a significant burden with the dubious distinction of having the highest per record data breach cost among all regulated industries. This webinar covers the ten essential practices for security, the different threat patterns to be aware of and how you can take steps to remediate these threats and protect your organization.
November 3, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/navigating-new-healthcare-security-landscape-rethinking-your-security-posture?affiliatedata=websiteHITN
The shift from fee-for-service to value-based care is creating significant financial and performance pressures for healthcare providers. As Health IT leaders work to harness cloud, Big Data, mobile, and social technology to optimize their EMR, building a trusted hybrid cloud infrastructure lays the foundation for team-based care. In this whitepaper, learn how a hybrid cloud framework enables coordinated care to improve patient care delivery, lower IT costs, and increase business agility -- including recommended steps and solutions.
October 15, 2014
Resource
sites/default/files/resource-media/pdf/hybrid_cloud_powers_next_generation_health_it_emc_whitepaper.pdf
Protect
This webinar will cover malicious cybercrime, the evolution of hackers, and how it affects the corporate IT landscape. Hear about how NaviSite and Alert Logic have teamed up to provide relevant security solutions and strategies for businesses to use to prevent harmful cyber activity affecting the Healthcare Industry.
October 8, 2014
Resource
Do Not Protect
http://himssmediawebinars.com/registration/webinar/emerging-threats-healthcare-strategies-defense?affiliatedata=website
The cloud delivers many benefits: agility, performance, scalability and cost management. However, there are risks that come along with those benefits: users and organizations that are not security conscious and those without cloud-specific security solutions can be in jeopardy if they do not properly research their deployment requirements and find proven solutions. Learn why an organization's security posture must extend from edge devices to the heart of the business -- the data center -- whether that data center is on-premises, within the cloud, or a hybrid.
September 24, 2014
Resource
sites/default/files/resource-media/pdf/wp_alert_logic_cloud_security_report_-_spring_20141.pdf
Protect
Craft an optimized cloud security plan using the proven framework in this guide. These seven sequential steps enable organizations to structure security and compliance programs that take advantage of the financial benefits of managed cloud applications and services while meeting security and compliance goals.
September 24, 2014
Resource
sites/default/files/resource-media/pdf/navisite_whitepaper_2lr.pdf
Protect
One hour webinar that walks through the Dell Mobile Clinical Computing solution and why you may want to consider it for your environment.
September 22, 2014
Resource
Protect
http://www.dell.com/learn/us/en/70/videos~en/documents~eseminar-mobile-clinical-computing.aspx
Learn how Mater Health improves access to clinical data with a virtual desktop environment built on robust Dell Wyse zero clients. Benefits experienced by Mater include improved speed of initial access to clinical data by 80% and projected increase of endpoint lifespan by 50%.
September 22, 2014
Resource
sites/default/files/resource-media/pdf/2013-mater-health-10012021.pdf
Protect
Examine the total economic impact that you can realize by using Dell™ Mobile Clinical Computing (MCC). Discover how Tallahassee Memorial HealthCare (TMH) achieved clinical efficiency, data security and IT productivity by implementing Dell MCC.
September 22, 2014
Resource
sites/default/files/resource-media/pdf/total-economic-impact-mcc-solution.pdf
Protect
Learn how to build a risk-stratified response plan to secure medical data whenever a visual privacy incident is reported to limit potential harm to patients and the organization.
August 21, 2014
Resource
sites/default/files/resource-media/pdf/3msdp2301_h4_hc_privacybreach_081314.pdf
Protect
Identify the risks, review healthcare compliance issues, and consider recommended solutions to help protect medical data on mobile devices.
August 21, 2014
Resource
sites/default/files/resource-media/pdf/3msdp2301_h2_hc_compliancerisks_081314.pdf
Protect
One of the enduring ironies when it comes to health IT is the contradiction between the understandable concern among healthcare stakeholders over data security and the apparent willingness of patients to share their own information. Two recent polls bear this out.
February 6, 2014
Blog
The recent FTC decision in the LabMD case has HIPAA-watchers scratching their heads, tugging their beards, and generally wondering about reconciling FTC-style litigation-based regulation with OCR-style rule-based regulation of health care data privacy and security.
January 30, 2014
Blog
IT may not get much credit when it comes to saving patient lives, but there's no denying that cloud technologies can help do just that. By making medical data immediately available to providers, cloud-enabled applications can share test results, identify medication allergies and improve patient outcomes.
January 29, 2014
Blog
Recently I was invited by the Patient Privacy Rights Foundation to lead a discussion that addressed patient privacy concerns and potential solutions for doctors working with EHRs.
January 27, 2014
Blog
2014 represents a transformative year for healthcare in the United States. Exciting innovations are making a significant impact on the industry, and I am hopeful that we will see a transformation across the industry to more consumer-centric and value-driven healthcare.
January 14, 2014
Blog
Here we go again! As I've stated many times before, no pictures in the hospital and no posting them on social networking sites.
December 9, 2013
Blog
The good news for patients is that their personal health information is becoming more secure all the time. But it takes unfortunate breaches, such as an event that occurred in Charlotte in August 2013, to highlight the need for increasingly stronger data-security provisions.
November 25, 2013
Blog
A common and somewhat unique aspect to EHR vendor contracts is that the EHR vendor lays claim to the data entered into their system. It confounds us as to why healthcare organizations let their vendors of choice get away with this.
November 19, 2013
Blog
The idea of risk management in information security has always been a bit difficult to pin down. For example, there is too little historical and behavioral data to identify trends or make predictions with confidence.
October 16, 2013
Blog
Organizations are showing a remarkable appetite to innovate using the latest in cloud technology, but also concerns over whether the cloud is secure enough to protect electronic patient health information. And everyone wants to know - is my service provider compliant?
September 20, 2013
Blog
There is no question that the resources required to process, analyze, and manage petabytes of genomic information represent a huge burden. That burden becomes even greater when one factors in the need to handle these data in compliance with an alphabet soup of regulatory regimes.
September 4, 2013
Blog
If you’re a healthcare provider who has shied away from the cloud due to security concerns, you could be making a grave mistake. In fact, moving to the cloud can increase data security.
August 29, 2013
Blog
Sage Healthcare Division, a unit of Sage North America, announced today that its client, Dr. Moore & Associates, a primary care practice in Brooklyn, NY, is among several of the company's clients to successfully attest to Stage 1 meaningful use under the Medicare EHR Incentive Program.
May 25, 2011
Press Release
A team from the Department of Veterans Affairs (VA) and Stanford University is exploring a new approach to clinical trials that experts say will cost less and be easier to translate into practice.
May 9, 2011
Press Release
Hannibal Regional Healthcare System, which operates a not-for-profit community hospital in northeast Missouri, has selected the Sunrise Enterprise suite of solutions from Allscripts.
May 6, 2011
Press Release
Selecting the correct software to use in a medical practice is critical for physicians, particularly now that all technology-based practices must be compliant with the government's updated standard for electronic claims transactions. The new standard, known as HIPAA Version 5010, will be required by January 1, 2012. The American Medical Association (AMA) and the Medical Group Management Association (MGMA) have made the software selection process easier by developing an online directory of software vendors that helps physicians determine whether the vendors’ practice management systems are compliant with the 5010 standard. A companion piece to the recently released Selecting a Practice Management System toolkit, the Practice Management System Software Directory provides detailed vendor profiles, enabling physicians to easily choose the software that best fits their needs.
April 28, 2011
Press Release
PhoneFactor, the leading global provider of phone-based authentication, today released the results of its recent survey on multi-factor authentication. The results indicate organizations that utilize security tokens, many of which are already frustrated with the burden tokens place on their IT departments and end users, are being driven to action by the recent RSA breach.
April 27, 2011
Press Release
CDW LLC (CDW), a leading provider of technology solutions to business, government, education and healthcare, today released the findings of its Video Conferencing Straw Poll Report. The report finds that half of companies use some form of video conferencing today and another quarter plan to implement the technology within the next two years. Video conferencing adoption, driven by reduced operating costs, improved decision making and improved communication, will branch out beyond simple peer-to-peer devices into more cutting-edge collaborative video conferencing systems, such as immersive telepresence.
April 25, 2011
Press Release
To ensure downtime access to current patient data after moving to electronic medical records (EMRs) and electronic medication administration records (eMARs), Hancock Regional Hospital in Greenfield, IN implemented NetSafe, Interbit Data's downtime protection and business continuance solution.
July 29, 2010
Press Release
Twin County Regional Hospital is expanding its McKesson Paragon hospital information system to increase efficiency and help improve patient safety across the entire medical community of Galax, Va. and surrounding areas.
January 8, 2010
Press Release