Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Working to spur more innovative approaches and complete understanding of pain management, six federal agencies have teamed to centralize data on pain research.
May 29, 2014
News
Information is money. And data brokers, companies that mine consumers' personal information and sell to the highest bidder, know this more than anyone. Their practices in collecting said data, however, have recently come under fire.
May 28, 2014
News
When it comes to privacy and security, healthcare IT leaders have their hands full. The Privacy & Security Forum, which will take place in San Diego, will help healthcare organizations address these challenges and mitigate risk throughout their organizations.
May 28, 2014
News
Returning service members are looking for jobs. Healthcare IT departments are desperate for qualified candidates. What special skill sets can veterans bring to the table?
May 26, 2014
News
There's a little bit of good news in the healthcare IT arena: CEOs and CIOs are quickly moving to make hiring chief information security officers a top priority.
May 20, 2014
News
A keystroke logger infecting three computers has been blamed for swiping the medical and financial data of UC Irvine Student Health Center patients.
May 19, 2014
News
Kaiser Permanente's Jim Doggett talks about the policies and practices that go into the planning of a secure environment.
May 14, 2014
News
A cyber threat response drill for healthcare organizations conducted this past month highlighted some serious challenges facing healthcare security professionals.
May 13, 2014
News
To those shirking their HIPAA privacy and security duties: get ready to pay up. That's the message the Department of Health and Human Services is sending after it set records Wednesday for imposing the largest HIPAA monetary fine to date on two entities found to be seriously lacking in the security arena.
May 8, 2014
News
HIE among U.S. non-federal acute care hospitals has been trending upward since 2008, in fact, and it took some major leaps forward in 2013.
May 6, 2014
News
When even the Department of Homeland Security is warning against using Internet Explorer, it's a safe bet its security flaws are serious. But for many healthcare providers -- notably those still running on Windows XP -- IE's recently-exposed vulnerabilities won't be fixed by Microsoft.
May 1, 2014
News
Can a subcontractor expect to keep the job after accidentally posting protected health information of some 15,000 patients online? A Boston teaching hospital says, "definitely not."
May 1, 2014
News
Information Transforms Healthcare. As a Provider, you collect more data than ever before, from EMRs, patient surveys, home monitoring, to imaging. Collaborating on patient care is difficult at best—there’s so much data, it can’t easily be shared and it’s often incomplete. And new insights can only be derived from relevant information. IT executives can close the gap between maintenance and innovation budgets and deliver clinically relevant, operationally efficient, and fiscally sound solutions for the business. How? With a proven IT infrastructure that allows you to securely take advantage of newly digitized data.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/emc_transformhealthcare.pdf
Protect
The wealth of electronic data generated by the U.S. healthcare system presents a paradox for healthcare providers. Cloud services offers healthcare an attractive solution, helping hospitals scale with ease, better manage resources, and provide fluid access and sharing of medical images across organizations, departments and providers – achieving a connectedness that supports healthcare organizations’ patient care goals. Learn why cloud services may be the solution to your healthcare organization’s medical imaging challenges.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/medical_imaging_in_the_cloud_final.pdf
Protect
Meaningful Use Stage 2: A handbook for providers discusses the changes in Stage 2 following the release of the final rules. This report focuses on what providers should expect, technology challenges and business opportunities in Stage 2 criteria, and key enterprise strategies for Stage 2 initiatives.
October 29, 2012
Resource
sites/default/files/resource-media/pdf/ebook_mustage2_handbook.pdf
Protect
In healthcare, IT systems management is not simply a matter of process efficiency and cost savings—it could be a matter of life or death for patients. Faced with regulatory requirements, widely dispersed facilities, demands for <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">electronic health records</a> (EHRs), and increasingly more and more mobile devices for providers, healthcare IT managers are forced to streamline systems management as budgets and headcount shrink.
October 25, 2012
Resource
sites/default/files/resource-media/pdf/dell_systems_management_in_healthcare.pdf
Protect
The arrival of <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a> and other laws designed to enforce HIPAA privacy guidelines makes maintaining HIPAA compliance more important than ever. Faxing anything, in a traditional manner, while maintaining compliance is extremely difficult. Therefore, we need to change the way we process and handle patient healthcare information. Fortunately, the advent of intelligent fax boards has paved the way for healthcare entities to transition into the future while allowing for more economical use of resources and reducing environmental impact.
October 18, 2012
Resource
sites/default/files/resource-media/pdf/hipaa_fax_white_paper_v0.8.pdf
Protect
Electronic locks and latches provide enhanced security where healthcare facilities need it the most – on the carts and cabinets that house valuable medical supplies and patient information. Electronic locks provide secure locking and audit trail capabilities that can help healthcare IT managers comply with industry regulations such as HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. This white paper explores opportunities for improved physical security in the healthcare environment and reviews electronic access solutions available to equipment manufacturers.
October 16, 2012
Resource
sites/default/files/resource-media/pdf/southco_wp_medsecurity.pdf
Protect
Memorial Hermann needed a more efficient way to process 32,000 user access requests per year to key healthcare and enterprise applications, and better controls around access provided to 20,000 employees including caregivers, employees and temporary workers spread throughout greater Houston, while demonstrating regulatory compliance — primarily with HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. With the Courion identity and access management suite, Memorial Hermann is now able to perform timely user attestations, streamline compliance, increase operational efficiency and strengthen security.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/casestudy_mhhs_courion.pdf
Protect
HealthSpring is one of the country’s largest and fastest growing providers of <a href="/directory/medicare" target="_blank" class="directory-item-link">Medicare</a> Advantage health care plans with more than one million members in 11 states and the District of Columbia. To improve the accuracy, speed and scalability of its compliance program, HealthSpring chose Courion. The Courion suite is integrated with all of HealthSpring’s critical information technology systems, including its PeopleSoft <a href="/directory/enterprise-resource-planning" target="_blank" class="directory-item-link">enterprise resource planning</a> (ERP), claims processing and membership management systems.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/casestudy_healthspring_courion.pdf
Protect
With sensitive data being continually accessed across the enterprise, the web, and mobile devices, organizations are constantly facing the challenge of protecting their critical assets such as employee and patient data – all of which impact their reputations and their bottom lines. Healthcare organizations in particular need to ensure only the right people have the right access to the right information at the right time. That’s the objective of an access risk management strategy.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/white_paper_access_risk_management_courion.pdf
Protect
Hospitals and medical offices are busy places. Ever wonder how easy it would be for someone to walk out with an office laptop or mobile device? Not only do patients expect confidentiality of their medical records but government regulations like HIPAA demand it. The theft of laptops, computers and mobile devices is a common cause of data breaches and physical security is a highly effective first line of defense.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/kensington_white_paper_080612.pdf
Protect
By taking a comprehensive approach to systems management, healthcare providers’ IT departments can significantly reduce the amount of time required to perform routine maintenance tasks, therefore improving productivity. These time savings allow IT departments to shift staff to more value added activities that help support the business and reachstrategic goals.
September 19, 2012
Resource
sites/default/files/resource-media/pdf/realizing_the_return.pdf
Protect
This white paper provides a brief overview of HIPAA regulations and how healthcare organizations are using technology to assist with compliance. Many traditional document handling processes do not comply with HIPAA regulations for privacy and security. The whitepaper discusses network faxing, explores advantages for implementing a network fax solution to support HIPAA compliance initiatives and to improve the security and overall efficiency of the document transmission processes.
September 11, 2012
Resource
sites/default/files/resource-media/pdf/hipaa_healthcare_transformation_to_electronic_communications.pdf
Protect
Healthcare organizations have avoided the use of "public cloud" because of HIPAA/HITECH privacy concerns, lack of breach indemnification/data integrity guarantees, and the unwillingness of many cloud providers to sign business associate agreements.
April 13, 2012
Blog
I was able to talk with Gary Thompson co-founder and CEO of CLOUD Inc. - also known as the Consortium for Local Ownership and Use of Data, Inc.
April 10, 2012
Blog
While many industries are reliant on information technology to deliver services and drive innovation, none is so deeply entwined in IT than healthcare. As such, it should be no surprise that the potential impact of cloud computing is being felt, with mixed feelings, most acutely in this industry.
April 6, 2012
Blog
Like many of you, I made the annual pilgrimage to the HIMSS Conference last month but I didn’t write much publicly about it. Here’s what I learned while I was in Vegas and my takeaways for the rest of the year.
March 27, 2012
Blog
When will our employees learn not to identify patients on Facebook or any other social media site?
January 5, 2012
Blog
Can you hear that clock ticking down to Jan. 1, 2012? If you are among the few in healthcare who are really on the ball, becoming compliant with new ASC-X12 5010 transaction standards ahead of the deadline, then congratulations!
December 13, 2011
Blog
This past week I had the pleasure of traveling, along with MedTech Media Editorial Director Rich Pizzi, to Amelia Island, Fla. for the inaugural HIMSS Leaders & Innovators conference.
November 22, 2011
Blog
I was interviewed for an article on AIS Health that came out last week. The title of this article -- on health care social media and regulatory and legal issues that health care providers may face in using these tools -- struck me as being tinged with hysteria.
November 17, 2011
Blog
The healthcare industry is under constant pressure to streamline the sharing and availability of information, while at the same time maintaining ever-more rigorous controls over patient privacy, and of course, reducing costs at the same time. Therefore cloud computing offers some significant opportunities, perhaps even more significant than in many other industries.
November 15, 2011
Blog
The HITECH Act called for stepped-up HIPAA privacy and security and breach notification rule enforcement with respect to covered entities and business associates, to be accomplished by spot-check audits.
November 9, 2011
Blog
This weekend, I was busy using online applications. While I love doing things online, I do not love signing on to the various websites. This led me to think about my healthcare clients, the clinicians and physicians who need to sign into multiple systems several times a day to do their jobs.
October 10, 2011
Blog
The 83rd Annual AHIMA Convention & Exhibit took place this week in Salt Lake City, Utah. The official AHIMA Resources twitter account promoted the hashtag #AHIMA11 in the weeks building up to the conference, in hopes that attendees would share personal experiences, tweet live events and enjoy the networking affairs. Here is a twitter recap of those who chose to do so.
October 7, 2011
Blog