Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
If you're a provider or payer organization with a great story to tell about a patient engagement program that has improved care and reduced costs, here's your chance to share that success -- and learn from your peers.
November 12, 2014
News
Healthcare industry, listen up: You've got a consumer distrust issue on your hands. The majority of American consumers continue to have serious doubts over the privacy and security of their medical records -- so much so that a sizable number of them actually withheld information from care providers over those concerns.
November 5, 2014
News
Raising concerns about security practices with the Obamacare website HealthCare.gov, the U.S. House Science Committee has issued a subpoena to compel U.S. Chief Technology Officer Todd Park to testify about his role in creating the site.
November 3, 2014
News
New York City offers plenty of healthcare and technology jobs, but there's a gap between the work and the skills available, according to a new report from financial services firm JPMorgan Chase.
October 31, 2014
News
Mobile health wearables and sensors present myriad opportunities for improving patient care and increasing patient engagement. They also offer the chance to better manage chronically ill patients remotely. The only problem? It's not that these wearables are scarce. It's that many just aren't secure.
October 31, 2014
News
California state officials this week released its second annual data breach report, and spoiler alert: the numbers for the healthcare industry aren't pretty.
October 30, 2014
News
Among the 71 mobile and telemedicine projects underway at Intermountain Healthcare are a smartwatch clinicians use, the gyrometer given to patients post-operation and the popular social networking tools Facebook, Twitter and Yammer.
October 27, 2014
News
With more than 350 exhibitors on the show floor, including many for the first time, MGMA's exhibit hall is expected to be abuzz with activity and fresh ideas. There's also a "Tweet Street."
October 23, 2014
News
The healthcare industry is swimming in Social Security numbers, thanks to the necessities of patient record management technology. But balancing those requirements with fraud mitigation and privacy protections is proving a big challenge.
October 23, 2014
News
"It isn't out of the realm of the possible" that medical device security flaws could "cause severe injury or death," according to a Department of Homeland Security official investigating devices and other pieces of hospital equipment for weaknesses that could be exploited in a cyberattack.
October 23, 2014
News
Wes Wright, chief information officer of Seattle Children's Hospital, had a couple big reasons for embracing a virtual desktop infrastructure strategy for the 323-bed tertiary care facility. "Speed and ubiquity," he says. But soon he found a bonus.
October 22, 2014
News
For wearable technology to live up to the hype, especially when it comes to healthcare, it will have to be "interoperable, integrated, engaging, social and outcomes-driven," according to PwC.
October 21, 2014
News
Learn the challenges healthcare organizations have in locking down their HIPAA compliant applications in the cloud. See the latest data breaches and solutions to keeping your ePHI protected in the cloud.
March 25, 2014
Resource
sites/default/files/resource-media/pdf/firehost-locking-down-the-cloud-health-2014.pdf
Protect
Read through valuable insights on the changing landscape of the Healthcare IT industry today. Learn about leading practices from our thought leaders and their strategic thinking through a series of interviews by Deloitte’s key industry leaders, client interviews, research and thought leadership articles on government reform, new risk-based models such as value-based care, M&A activities, growing patient populations and increased competition amid shrinking resources that are driving transformation.
February 17, 2014
Resource
Protect
http://www.pageturnpro.com/MedTech-Media/56077-The-Innovator-Hospital-Poised-to-Deliver-Future-Care/index.html
Collaborative care offers tremendous benefit for patients, but demands PHI accessibility across the complex healthcare environment and across multiple users and locations. Information sharing without the worry of unauthorized access or a data breach is critical to ensure patient trust and avoid regulatory fines. In a business that’s constantly changing with new technologies, such as cloud and BYOD, and offering new ways of interacting with patients and providers, the need for secure access to patient data is critical. Download the latest RSA white paper, “Cybercrime and the Healthcare Industry,” to learn about the latest cyber threats targeting patient data and key areas of consideration in implementing security and access controls to address HIPAA, Meaningful Use, and other regulations.
February 14, 2014
Resource
sites/default/files/resource-media/pdf/cybhc_wp_0713.pdf
Protect
From online shopping and banking to accessing personal health information, consumers are moving more of their personal lives to the Web. The explosion of digital identities and loss of customer information from data breaches is driving the need for effective consumer-facing authentication and access management tools. Yet, many organizations lack adequate controls to secure access to their consumer Web portals out of fear of disrupting the user experience. The latest Forrester Research report, “Consumer Web Portals: Platforms at Significant Security Risk,” where you will gain insight on the risks and threats.
February 14, 2014
Resource
sites/default/files/resource-media/pdf/consumer_web_portals_-_platforms_at_significant_risk_december_2013.pdf
Protect
For enterprises looking at NGFWs, the most important consideration is: Will this new technology empower your security teams to securely enable applications to the benefit of the organization? It's not about blocking applications, but safely enabling these applications at the firewall.
January 31, 2014
Resource
sites/default/files/resource-media/pdf/10-things.pdf
Protect
Cybersecurity has become a leading topic both within and beyond the corporate boardroom. What enterprises need to stop the escalation of cyberattacks is a network security approach that is designed from the outset to enable the safe use of the applications and technologies required to support a thriving business.
January 31, 2014
Resource
sites/default/files/resource-media/pdf/cybersecurity-imperatives.pdf
Protect
This paper examines three different organizations, the legacy infrastructure they replaced, the Palo Alto Networks next generation security platform they deployed, and the substantial savings they realized - cutting both capital and operations costs by an average of 50%.
January 31, 2014
Resource
sites/default/files/resource-media/pdf/reducing-costs-with-nextgen-security.pdf
Protect
Iron Mountain has prepared this primer to help you navigate the changes in HIPAA, clarify the role of vendors and other third parties, and heighten your awareness of best practices that will aid in compliance and improve the management of both paper and electronic health records.
October 21, 2013
Resource
sites/default/files/resource-media/pdf/hipaa_primer-andthe-omnibus_final_rule_2013.pdf
Protect
Many healthcare organizations are recognizing the need for a more efficient and effective approach for addressing the HIPAA Security and Privacy rules, and other evolving compliance and security challenges. This paper explores one such solution: unified security monitoring. Unified security monitoring goes well beyond simplifying and automating HIPAA compliance. With always-on coverage and protection, it provides a mechanism for strengthening a healthcare organization’s overall security posture, while reducing ongoing operational risk.
October 9, 2013
Resource
sites/default/files/resource-media/pdf/tenable_for_healthcare_compliance_1.pdf
Protect
Are you prepared for the HITECH Omnibus Final Rule effective Sept 23, 2013? The final ruling has far reaching authority and penalties for noncompliance; unfortunately, most are unclear what the requirements mean for their organization and how to secure protected health information (PHI).
September 17, 2013
Resource
Do Not Protect
http://www.medtechwebinars.com/registration/webinar/addressing-final-hipaa-omnibus-rule-and-securing-protected-health-information?affiliatedata=website
Healthcare organizations are increasingly dependent on web-based technologies to improve patient engagement and address government incentive and regulatory requirements. The success of electronic healthcare record (EHR) initiatives depend on how effectively patients can obtain and manage their health related information securely online.
August 28, 2013
Resource
Do Not Protect
http://www.medtechwebinars.com/registration/webinar/securing-patient-portals-what-you-need-know-comply-hipaa-and-meaningful-use?affiliatedata=website
Patient engagement and electronic HIE are the game changers of Stage 2 meaningful use requirements, which were designed to further expand the meaningful use of certified EHR technology. For patient engagement, the Centers for Medicare and Medicaid Services added two core objectives – providing patients with online access to health information and providing secure messaging between patient and provider. This white paper highlights results from a study conducted by IDR Medical GmbH that surveyed 1,000 U.S.-based patients regarding their attitude toward patient portal technologies. Find out why the results show strong validation for imaging portal demand and need.
August 28, 2013
Resource
sites/default/files/resource-media/pdf/carestream_white_paper_updated_082813.pdf
Protect
As I travel the country, I find that CIOs everywhere are struggling with BYOD in particular but remote access more generally.
November 30, 2012
Blog
Just two and a half years after hosting a workshop on the HIPAA Privacy Rule's de-identification standard, OCR has issued its "Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule."
November 29, 2012
Blog
Google your name. The first results will likely be physician finder sites like RateMDs.com, Health Grades or Vitals, or broad-based service finders like Yelp or InsiderPages. The reviews can be critical to your success as a doctor in today’s world, regardless of whether they are true or not.
November 8, 2012
Blog
Although we all applaud the massive push towards electronic health records and the digitization of medical information, there are some very tangible cybercrime data breach threats that exist which could topple the momentum gained by the launch of the HITECH Act two and half years ago.
October 31, 2012
Blog
Since I keep track of this stuff, I need to include this BBC story on my blog. It involves a patient in a hospital ward taking a picture of another patient and posting it on Facebook along with an insult.
October 4, 2012
Blog
I’ve always been of the opinion that anything I disseminate via social media is pretty much fair game, and I try to play by the golden rule of “If you don’t want it used against you in a court of law, don’t tweet it, post it, link it, pin it, etc.”
July 9, 2012
Blog
At the weekly healthcare and social media tweet chat (#HITsm), hosted by HL7 Standards, participants discussed four previously posed questions, exploring the practical use of social media in the healthcare space. Here is a roundup of the best responses.
July 6, 2012
Blog
One major issue facing private and public Health Information Exchanges (HIE) is how to ensure patients privacy preferences are respected by obtaining their consent before data is shared.
June 20, 2012
Blog
America’s population is aging, insurance enrollment is growing, healthcare utilization is increasing, and the cost of delivering medical care is rising. As a result, many companies in the healthcare industry are being challenged to serve more patients and members, to improve the quality of care, and to reduce operational costs.
June 14, 2012
Blog
As we continue the journey to protect corporate data that is accessed from personal mobile devices, we're developing increasingly rigorous policies that rebalance individual preferences with corporate compliance requirements.
May 23, 2012
Blog
The Ponemon Institute recently released their Second Annual Benchmark Survey on Patient Privacy and Data Security. The study focused on actual data loss experience from a sample of 72 healthcare organizations. Co3 Systems created a Top 10 breach/data loss objectives list that helps organizations with the necessary steps in preparation of potential data breach.
May 17, 2012
Blog
There’s a fight going on about the adoption of health information technology in our country. This fight isn’t necessary and it shouldn’t be happening, but it is happening nonetheless – and patients have a lot at stake.
May 2, 2012
Blog