Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
The latest revelations from Edward Snowden's document leaks show that not much is beyond the grasp of the National Security Agency -- not even electronic medical records.
July 7, 2014
News
As director of health information technology policy and programs for the National Partnership for Women and Families, Mark Savage keeps a close watch on healthcare information technology, along with all other aspects of patient care.
July 5, 2014
News
The Office for Civil Rights, the HHS division responsible for enforcing HIPAA, is slated to get a new director after the official departure of Leon Rodriguez.
July 2, 2014
News
When an organization experiences a major data breach and puts out a news release, the point is to comfort people that the news isn't as bad as it sounds. But at the same time, it's critical to be precise with language -- lest that organization be compelled to subsequently issue the dreaded, "What we actually meant to say in Monday's statement…" statement.
July 1, 2014
News
Call it big data bloodlust: The more health information being generated by a growing contingency of apps, devices, electronic health records, mHealth sensors and wearables, the broader and stronger the desire for that data becomes.
June 30, 2014
News
In one of the largest HIPAA breaches ever reported, the Montana Department of Public Health and Human Services is notifying some 1.3 million people after hackers gained unfettered access to an agency server for nearly a year before being discovered.
June 25, 2014
News
More than 60 percent of all industries worldwide embrace BYOD, says Mac McMillan, CEO of the information security company CynergisTek and chairman of the HIMSS Privacy and Security Task Force. In healthcare, that number stands at around 85 percent, with 92 percent of that number saying personal mobile devices are in use multiple times every day.
June 25, 2014
News
As myriad healthcare organizations have attested, the aftermath of a HIPAA violation generally isn't a pretty sight, especially when it comes to one's bank account. One Indiana-based health system has witnessed this reality after being slapped with an $800,000 settlement for violating the HIPAA Privacy Rule.
June 24, 2014
News
The U.S. Department of Health & Human Services has launched a federal probe into HIPAA privacy violations at the University of Cincinnati Medical Center, according to an HHS spokesperson.
June 24, 2014
News
Data attacks on healthcare organizations have increased a whopping 100 percent from just four years ago, a reality that has chief security and information officers in a dash to stay ahead of the data protection curve.
June 23, 2014
News
In one of her first orders of business as new Health and Human Services Secretary, Sylvia Mathews Burwell has made management changes aimed at ensuring that HealthCare.gov is robust enough to handle the upcoming open enrollment period.
June 23, 2014
News
Some 90 percent of healthcare organizations have reported at least one data breach in the past two years, with more than a third seeing more than five breaches. Gerry Hinkley, partner at Pillsbury Winthrop Shaw Pittman's healthcare practice, says breach response is where many make major missteps, mistakes that can easily be avoided.
June 20, 2014
News
Hospitals and health systems have invested significant funds and other resources to meet numerous strategic enterprise initiatives such as ICD-10, Meaningful Use, HIPAA requirements, whether to join or form an ACO, and others. Executives from four major health systems came together for a roundtable discussion on how employing an integrated strategy has helped them overcome challenges and achieve goals. <br> </br> Learn how leading healthcare organizations are:<br> </br> • Educating stakeholders on the ultimate benefits of the initiatives<br> • Adopting methodologies that streamline workflows and reduce costs<br> • Sharing information and promoting best practices across the enterprise<br> • Avoiding initiatives being deployed in silos<br> • Knowing when to partner with trusted organizations to achieve initiatives more rapidly and efficiently<br>
April 30, 2013
Resource
sites/default/files/resource-media/pdf/roundtable_article_final.pdf
Protect
What are the most important questions to ask when selecting a secure texting solution? Find out what really matters by reading this whitepaper on the 10 most important things to know when evaluating a solution.
April 19, 2013
Resource
sites/default/files/resource-media/pdf/tigertext_white_paper_-_top_10_considerations_when_selecting_a_secure_text_messaging_solution.pdf
Protect
Cloud-based Microsoft Exchange service features all the mission critical enterprise-class communication and collaboration capabilities of an in-house solution without the unpredictable costs and management headaches. With flexible customization options, healthcare organizations can seamlessly move to a cloud-based solution without compromising security or altering their current encryption approach.
April 2, 2013
Resource
sites/default/files/resource-media/pdf/apptix_whitepaper_cloudreliability_final.pdf
Protect
This report outlines the future look of Forrester's solution for security and risk (S&R) executives working on building an identity and access management strategy for the extended enterprise. This report will help you understand the major business and IT trends affecting identity and access management (IAM) during the next five years. Learn why applying a Zero Trust information security model to IAM helps security teams unify and improve access control across the extended enterprise.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/forrester_navigate_the_future_of_identity_and_access_management_final.pdf
Protect
Healthcare IT departments must defend against complex internal and external threats while still maintaining compliance with HIPAA/HITCH. The same is true for businesses of all kinds – they are simply overwhelmed. Clearly, organizational risk management has reached a critical juncture. A July 2012 IDG Research Services poll of CIOs and IT managers underscores the gravity of the situation. The results provide important data about how enterprises view compliance overall, and identity management and access governance in particular.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/white_paper_idg_why_it_pays_to_take_a_busines-centric_approach_to_compli.pdf
Protect
Organizations of all kinds, including those in the healthcare industry, are doing business in new ways, thanks to new IT infrastructure technologies like virtualization, cloud computing and mobility, which are changing how users interact with information and with each other. As the enterprise becomes more interconnected and distributed, business agility increases; but information security specialists face new challenges around maintaining effective security and monitoring controls.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/netiq_wp_realtimesecurityintelligence_print.pdf
Protect
Organizations are consuming software-as-a-service applications at an ever-accelerating rate. While the advantages of SaaS applications are many, so are the potential pitfalls of unauthorized access. As these applications become increasingly popular, the need to manage access SaaS-hosted information becomes even more crucial. Security, compliance reporting and ease of access must be balanced to ensure that information in the cloud is protected without impacting your organizations ability to serve patients, healthcare professionals, and business partners.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/netiq_wp_extending_access_control_to_cloud_usv.pdf
Protect
Given the risks throughout today's complex threat and regulatory landscapes, your need to effectively and securely manage access to critical resources has never been greater. You need to know exactly who has access to what resources and if that access is appropriate. This is as true for the healthcare industry as it is for every other, highly regulated industry. As threats become more sophisticated, so does the speed with which your organization must respond to them.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/white_paper_identity_and_access_governance_bringing_business_and_it_toge.pdf
Protect
The only thing that is constant is change. This old adage has never been truer for the healthcare industry than it is today. Businesses of all kinds must manage their systems in the face of ever growing and changing complexities. Good Identity and Access Governance practices are front and center in the ongoing battle to deal with constant change effectively.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/white_paper_managing_change_and_complexity_with_identity_and_access_gove._1.pdf
Protect
For provider organizations, tools that drive improved performance of legacy clinical applications as well as improve security and create efficiencies in the management of client computing are increasingly becoming critical for healthcare organizations. Desktop virtualization technology is increasingly being used by providers to realize these advantages.
March 13, 2013
Resource
sites/default/files/resource-media/pdf/netapp_hc_wp_desktop_virtualization_031213.pdf
Protect
Agility is central to delivering excellence in patient care. However, healthcare organizations have entered a new era of scale in which the amount of data captured, processed, and stored is breaking down every architectural construct in the storage industry. NetApp delivers innovative technologies and capabilities for an agile data infrastructure that address the challenges of big data scale, enabling healthcare providers to gain insight into massive datasets, move data quickly, and store important content for long periods of time.
March 13, 2013
Resource
sites/default/files/resource-media/pdf/netapp_hc_wp_patient_care_clinical_data_031213.pdf
Protect
Google your name. The first results will likely be physician finder sites like RateMDs.com, Health Grades or Vitals, or broad-based service finders like Yelp or InsiderPages. The reviews can be critical to your success as a doctor in today’s world, regardless of whether they are true or not.
November 8, 2012
Blog
Although we all applaud the massive push towards electronic health records and the digitization of medical information, there are some very tangible cybercrime data breach threats that exist which could topple the momentum gained by the launch of the HITECH Act two and half years ago.
October 31, 2012
Blog
Since I keep track of this stuff, I need to include this BBC story on my blog. It involves a patient in a hospital ward taking a picture of another patient and posting it on Facebook along with an insult.
October 4, 2012
Blog
I’ve always been of the opinion that anything I disseminate via social media is pretty much fair game, and I try to play by the golden rule of “If you don’t want it used against you in a court of law, don’t tweet it, post it, link it, pin it, etc.”
July 9, 2012
Blog
At the weekly healthcare and social media tweet chat (#HITsm), hosted by HL7 Standards, participants discussed four previously posed questions, exploring the practical use of social media in the healthcare space. Here is a roundup of the best responses.
July 6, 2012
Blog
One major issue facing private and public Health Information Exchanges (HIE) is how to ensure patients privacy preferences are respected by obtaining their consent before data is shared.
June 20, 2012
Blog
America’s population is aging, insurance enrollment is growing, healthcare utilization is increasing, and the cost of delivering medical care is rising. As a result, many companies in the healthcare industry are being challenged to serve more patients and members, to improve the quality of care, and to reduce operational costs.
June 14, 2012
Blog
As we continue the journey to protect corporate data that is accessed from personal mobile devices, we're developing increasingly rigorous policies that rebalance individual preferences with corporate compliance requirements.
May 23, 2012
Blog
The Ponemon Institute recently released their Second Annual Benchmark Survey on Patient Privacy and Data Security. The study focused on actual data loss experience from a sample of 72 healthcare organizations. Co3 Systems created a Top 10 breach/data loss objectives list that helps organizations with the necessary steps in preparation of potential data breach.
May 17, 2012
Blog
There’s a fight going on about the adoption of health information technology in our country. This fight isn’t necessary and it shouldn’t be happening, but it is happening nonetheless – and patients have a lot at stake.
May 2, 2012
Blog
The Acting General Counsel of the National Labor Relations Board released a second report on outcome investigations involving social media that were submitted by regional offices and it underscores two main points.
May 2, 2012
Blog
Todd Park (@todd_park), United States chief technology officer for the Obama Administration, engaged in a live Twitter chat as part of Big Data Week, a string of community-led events relating to big data. Here is a Twitter recap of the Q&A.
April 25, 2012
Blog