Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Q&A: McKesson and Cerner execs discuss CommonWell Health Alliance
After McKesson, Cerner, Allscripts, Greenway and athenahealth made news at HIMSS13 with the launch of the CommonWell Health Alliance, Healthcare IT News spoke with McKesson CEO John Hammergren about the road ahead. Joining Hammergren in the discussion were David McCallie and Arien Malec.
More
Comments: (0)
March 12, 2013
Mike Miliard
News
UPMC, Oracle to help with ID management
UPMC announced Thursday that it will collaborate with Oracle to develop cloud-based identity management technology meant for small and midsized health care providers.
More
Comments: (0)
March 8, 2013
Mike Miliard
News
Don't look now, you've been hacked!
Attendees at HIMSS13 -- in one way or another entrusted with the protection of their patients' personal health information -- may not be pleased to learn that they work in the most widely breached industry in the United States.
More
Comments: (0)
March 5, 2013
Frank Irving
News
Security measures defense against audits
Healthcare information security staffers rightly worry about OCR audits and want to prepare their facilities for an assessment. But how do you best measure the progress of your security program?
More
Comments: (0)
March 5, 2013
Richard Pizzi
News
OCR director talks HIPAA survival
It's about the patients, it's about safeguarding privacy, and it's about trying to avoid making the same mistakes twice, said Office for Civil Rights Director Leon Rodriguez to hundreds of HIMSS13 attendees Monday morning.
More
Comments: (0)
March 4, 2013
Erin McCann
News
New York hospital waits 15 months to announce HIPAA breach, notify patients
The Samaritan Hospital in eastern New York, just outside of Albany may eventually face some hefty fines from the Office for Civil Rights as the hospital just Friday notified the public of a HIPAA privacy breach stemming from a November 2011 incident.
More
Comments: (0)
March 1, 2013
Erin McCann
News
Security shortages exacerbating breaches
The sixth Global Information Security Workforce Study, conducted by (ISC)2 shows that a shortage of information security professionals is having an adverse impact on healthcare and other industries, even as vulnerabilities such as mobile devices and social media are on the rise.
More
Comments: (0)
February 25, 2013
Mike Miliard
News
Walgreens company announces data breach
A Walgreens healthcare company based in Anaheim, Calif., has notified patients and employees of a data breach after computer hardware and other paper records containing the personal health information and Social Security numbers of patients was stolen.
More
Comments: (0)
February 25, 2013
Erin McCann
News
Walmart to open health screening kiosks
From SoloHealth's stations, slated to be in 2,500 Walmarts and Sam's Clubs next month, to video consultations with doctors, to smartphone apps that track blood pressure and heart rate, consumer health technology is attracting big-name backers.
More
Comments: (0)
February 25, 2013
Kaiser Health News
News
Georgia hospice group sees data breach
Officials at a northwest Georgia hospice group have notified patients of a data breach after an unencrypted company laptop containing personal health information was stolen from an employee's car in January.
More
Comments: (0)
February 22, 2013
Erin McCann
News
Securing the future
Chief information officers, chief privacy officers, chief compliance officers and all those assorted other assorted C-level titles charged with locking down health information security have a lot on their plates nowadays. Now they’ve got something else to think about.
More
Comments: (0)
February 19, 2013
Mike Miliard
News
January sees launch of 106 new ACOs
Already this year, healthcare providers have launched 106 new accountable care organizations (ACOs) that will reach as many as four million beneficiaries, Health and Human Services (HHS) Secretary Kathleen Sebelius announced Jan. 10.
More
Comments: (0)
February 18, 2013
Erin McCann
News
Top 12 Best Practices for Systems Management in Healthcare - And the Financial Benefits
In healthcare, IT systems management is not simply a matter of process efficiency and cost savings—it could be a matter of life or death for patients. Faced with regulatory requirements, widely dispersed facilities, demands for <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">electronic health records</a> (EHRs), and increasingly more and more mobile devices for providers, healthcare IT managers are forced to streamline systems management as budgets and headcount shrink.
More
Comments: (0)
October 25, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/dell_systems_management_in_healthcare.pdf
Protect
IQ Express Fax Boards: The Key to HIPAA Compliance
The arrival of <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a> and other laws designed to enforce HIPAA privacy guidelines makes maintaining HIPAA compliance more important than ever. Faxing anything, in a traditional manner, while maintaining compliance is extremely difficult. Therefore, we need to change the way we process and handle patient healthcare information. Fortunately, the advent of intelligent fax boards has paved the way for healthcare entities to transition into the future while allowing for more economical use of resources and reducing environmental impact.
More
Comments: (0)
October 18, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/hipaa_fax_white_paper_v0.8.pdf
Protect
Physical Security for Healthcare Devices and Equipment
Electronic locks and latches provide enhanced security where healthcare facilities need it the most – on the carts and cabinets that house valuable medical supplies and patient information. Electronic locks provide secure locking and audit trail capabilities that can help healthcare IT managers comply with industry regulations such as HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. This white paper explores opportunities for improved physical security in the healthcare environment and reviews electronic access solutions available to equipment manufacturers.
More
Comments: (0)
October 16, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/southco_wp_medsecurity.pdf
Protect
Memorial Hermann Healthcare System Manages User Access Risk and Streamlines Compliance
Memorial Hermann needed a more efficient way to process 32,000 user access requests per year to key healthcare and enterprise applications, and better controls around access provided to 20,000 employees including caregivers, employees and temporary workers spread throughout greater Houston, while demonstrating regulatory compliance — primarily with HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. With the Courion identity and access management suite, Memorial Hermann is now able to perform timely user attestations, streamline compliance, increase operational efficiency and strengthen security.
More
Comments: (0)
October 8, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/casestudy_mhhs_courion.pdf
Protect
HealthSpring Improves Compliance Accuracy, Speed and Scalability with an Identity and Access Risk Management Suite
HealthSpring is one of the country’s largest and fastest growing providers of <a href="/directory/medicare" target="_blank" class="directory-item-link">Medicare</a> Advantage health care plans with more than one million members in 11 states and the District of Columbia. To improve the accuracy, speed and scalability of its compliance program, HealthSpring chose Courion. The Courion suite is integrated with all of HealthSpring’s critical information technology systems, including its PeopleSoft <a href="/directory/enterprise-resource-planning" target="_blank" class="directory-item-link">enterprise resource planning</a> (ERP), claims processing and membership management systems.
More
Comments: (0)
October 8, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/casestudy_healthspring_courion.pdf
Protect
Access Risk Management: The Key to Protecting Your Healthcare Organization in Today's Mobile, Always-On, Cloud-Based Environment
With sensitive data being continually accessed across the enterprise, the web, and mobile devices, organizations are constantly facing the challenge of protecting their critical assets such as employee and patient data – all of which impact their reputations and their bottom lines. Healthcare organizations in particular need to ensure only the right people have the right access to the right information at the right time. That’s the objective of an access risk management strategy.
More
Comments: (0)
October 8, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/white_paper_access_risk_management_courion.pdf
Protect
Don't Let Personal Mobile Devices Put the Corporate Network at Risk
Hospitals and medical offices are busy places. Ever wonder how easy it would be for someone to walk out with an office laptop or mobile device? Not only do patients expect confidentiality of their medical records but government regulations like HIPAA demand it. The theft of laptops, computers and mobile devices is a common cause of data breaches and physical security is a highly effective first line of defense.
More
Comments: (0)
October 8, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/kensington_white_paper_080612.pdf
Protect
Leading Security Solutions for the Healthcare Environment!
When a desktop, laptop or computer is stolen, a hospital loses far more than a piece of expensive equipment. Not only do patients expect confidentiality of their medical records but government regulations like HIPPA demand it. The theft of laptops, computers and mobile devices is a common cause of data breaches and physical security is a highly effective first line of defense. Watch this video to Learn how to stop theft and protect patient safety with industry leading security solutions.
More
Comments: (0)
October 1, 2012
Resource Central
Resource
Protect
http://youtu.be/dItbmn0hRaY
Realizing the Return: Comprehensive systems management maximizes the value of healthcare IT
By taking a comprehensive approach to systems management, healthcare providers’ IT departments can significantly reduce the amount of time required to perform routine maintenance tasks, therefore improving productivity. These time savings allow IT departments to shift staff to more value added activities that help support the business and reachstrategic goals.
More
Comments: (0)
September 19, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/realizing_the_return.pdf
Protect
HIPAA: Healthcare Transformation to Electronic Communications
This white paper provides a brief overview of HIPAA regulations and how healthcare organizations are using technology to assist with compliance. Many traditional document handling processes do not comply with HIPAA regulations for privacy and security. The whitepaper discusses network faxing, explores advantages for implementing a network fax solution to support HIPAA compliance initiatives and to improve the security and overall efficiency of the document transmission processes.
More
Comments: (0)
September 11, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/hipaa_healthcare_transformation_to_electronic_communications.pdf
Protect
6 Lessons Learned About Hospital Smartphone Integration
As more and more hospitals work to incorporate smartphones into their communication network, they have learned important lessons that can help other facilities make a smooth transition. At the end of the day, the goal is to get the right message, to the right person, on the right device, at the right time.
More
Comments: (0)
September 4, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/wp-us-6-lessons-hospital-smartphone-integration.pdf
Protect
Durham Nephrology Associates Achieves Meaningful Use after Navigating Uncharted Waters
Specialty medicine practices rarely employ a dedicated information technology resource. Durham Nephrology is no exception. The Durham practice navigated the uncharted waters of attesting to <a href="/directory/meaningful-use" target="_blank" class="directory-item-link">Meaningful Use</a> under <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">the HITECH Act</a> of 2009 without the benefit of an IT expert or outside consultant. They implemented an <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">EHR</a> system in 2003 and believed that an EHR was the only long-term, effective way to organize patient charts and clinical notes. Read this story to find out this resourceful team achieved their goals--and more.
More
Comments: (0)
September 4, 2012
Resource Central
Resource
sites/default/files/resource-media/pdf/pro100_proehr_durham_nephrology_associates_nephrology_nc_success_story_10_19_11.pdf
Protect
The End of the Beginning... and the Launch of i2O
When Dr. Farzad Mostashari, the national coordinator for health information technology, addresses more than 4,700 healthcare professionals at the Allscripts Client Experience in Nashville on Monday morning, Aug. 29, he’s likely to discuss one of the most exciting developments in healthcare today – and perhaps surprisingly, it won’t be the meaningful use of electronic health records.
More
Comments: (0)
August 28, 2011
Glen Tullman
Blog
Sharp Focus Roundup
I've been thinking about the Strategic Health IT Advance Research Projects (SHARP) Program lately and plan to give an update soon on some of the progress being made.
More
Comments: (2)
August 26, 2011
Brian Ahier
Blog
Does a nationwide EHR lower healthcare costs? Social media reactions
A little over a month ago, I asked our Healthcare IT News social media followers if they believed a nation-wide transition to EHRs for doctors would lower healthcare costs. From Twitter to Facebook, there was a wide range of opinions.
More
Comments: (1)
August 11, 2011
Kelly Mehler
Blog
What ARE you afraid of?
I read a post earlier today talking about concerns of a healthcare organization that would be sharing its data with its patients. One of the concerns was that sharing the data (with a competitor) would make it easier for the patient to get care elsewhere.
More
Comments: (0)
July 26, 2011
Keith W. Boone
Blog
Connecting California to Improve Patient Care
I finally made it to Redwood MedNet Health Information Exchange Conference and share my learnings and thoughts below.
More
Comments: (0)
July 19, 2011
Christina Thielst
Blog
Personal Health Information and the Rupert Murdoch Effect
Personal health information and the lack of security surrounding it has caused quite a bit of buzz lately.
More
Comments: (1)
July 13, 2011
Jennifer Dennard
Blog
The Transparency of Social Media: Employers, you could be losing job candidates before they even apply
Remember in high school how it didn’t take long for a rumor or juicy piece of gossip to run rampant through the halls and spread faster than a wildfire fueled by 80 MPH winds? Well, social media is the new word of mouth.
More
Comments: (0)
July 13, 2011
EJ Fechenda
Blog
Do EHRs leave out your personal story? Social media response
How comprehensive can the information in an EHR be before patients grow concerned for their privacy? Do doctors using EHRs run the risk of missing the meat on the bones -- the details?
More
Comments: (0)
July 8, 2011
Kelly Mehler
Blog
Small, isolated rural hospitals show poorer results on measures of quality of care, patient outcomes
In the first national study to examine care at critical access hospitals (CAHs) in rural areas of the U.S., Harvard School of Public Health (HSPH) researchers found that CAHs have fewer clinical capabilities, lower quality of care, and worse patient outcomes compared with other hospitals.
More
Comments: (0)
July 8, 2011
Brian Ahier
Blog
How Much Would You Pay for Your Medical Record?
Being in healthcare IT, and inspired all the time by the optimism and the opportunities technology has provided us, I thought that collecting my personal health information would be a fairly simple and straightforward task. Instead, the wide range of service I was provided when simply trying to collect my medical records was quite an eye opening experience.
More
Comments: (1)
June 23, 2011
Erica Olenski
Blog
Who Owns Patient Data?
Topic 3 on the June 20 #HITsm Tweetchat got into discussions of who owns patient data. The moral high ground today seems to be towards "patient ownership." Reality is just a bit different, and I think the discussion of ownership is not all that useful.
More
Comments: (1)
June 22, 2011
Keith W. Boone
Blog
New Apple Developments will Likely Spur Mobile Health Innovation
If you’re reading this blog, you most likely saw the pop-up/interstitial Intel ad that asks “Is Cloud Computing Right for You?” Steve Jobs apparently thinks so.
More
Comments: (0)
June 7, 2011
Jennifer Dennard
Blog