Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
In one of her first orders of business as new Health and Human Services Secretary, Sylvia Mathews Burwell has made management changes aimed at ensuring that HealthCare.gov is robust enough to handle the upcoming open enrollment period.
June 23, 2014
News
Some 90 percent of healthcare organizations have reported at least one data breach in the past two years, with more than a third seeing more than five breaches. Gerry Hinkley, partner at Pillsbury Winthrop Shaw Pittman's healthcare practice, says breach response is where many make major missteps, mistakes that can easily be avoided.
June 20, 2014
News
More than 20,000 patients seen at a San Diego hospital are getting HIPAA breach notification letters after employees on two separate occasions emailed protected health information to job applicants by mistake. One incident occurred nearly two years ago.
June 19, 2014
News
It's not just the thought of having a data security breach that concerns Kaiser Permanente's Jim Doggett. It's the far-reaching damage such an event could wreak that really keeps him up at night.
June 17, 2014
News
Eighty percent of respondents to the inaugural 2014 HIMSS Analytics Cloud Survey say they currently use cloud-based IT services, for everything from human resources technology to data backup and disaster recovery. Still qualms about performance and privacy persist.
June 17, 2014
News
Imagine if almost everyone walking into your hospital -- patients, doctors, visitors, salespeople -- was carrying an active homing beacon, which broadcast, unencrypted, their presence and repeatedly updated exact location to anyone who chose to listen.
June 16, 2014
News
As anyone who's ever worked for IT security can attest, the job is no walk in the park. New threats, compliance mandates, vulnerabilities and updates are constant. But with strong leadership, and a culture of compliance and responsibility to match, many healthcare organizations have shown it can be done right -- and well.
June 13, 2014
News
A Northern California hospital is reevaluating its security policies after an unencrypted USB drive containing the protected health information of nearly 34,000 patients was stolen from an employee's unlocked locker.
June 13, 2014
News
After nearly five years at the Office of the National Coordinator for Health IT, Chief Privacy Officer Joy Pritts will be leaving her post later this summer.
June 12, 2014
News
Kevin Johnson is a professional hacker -- albeit a self-described ethical one. As head of the security consulting firm Secure Ideas, his job involves probing into organizations' networks and applications to identify vulnerabilities. What he sees in healthcare terrifies him.
June 11, 2014
News
The University of Cincinnati Medical Center is at the center of a legal battle that is the nightmare of every healthcare organization corporate counsel. The allegation is that a financial services employee of the hospital accessed the detailed billing records of a patient with a sexually transmitted disease and deliberately and maliciously published those records on Facebook, taunting and ridiculing the patient.
June 10, 2014
News
A Pennsylvania-based hospital is notifying nearly 2,000 patients of a HIPAA breach after an employee accessed and transmitted patients' protected health data outside of the hospital's secure network.
June 9, 2014
News
Given the risks throughout today's complex threat and regulatory landscapes, your need to effectively and securely manage access to critical resources has never been greater. You need to know exactly who has access to what resources and if that access is appropriate. This is as true for the healthcare industry as it is for every other, highly regulated industry. As threats become more sophisticated, so does the speed with which your organization must respond to them.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/white_paper_identity_and_access_governance_bringing_business_and_it_toge.pdf
Protect
The only thing that is constant is change. This old adage has never been truer for the healthcare industry than it is today. Businesses of all kinds must manage their systems in the face of ever growing and changing complexities. Good Identity and Access Governance practices are front and center in the ongoing battle to deal with constant change effectively.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/white_paper_managing_change_and_complexity_with_identity_and_access_gove._1.pdf
Protect
For provider organizations, tools that drive improved performance of legacy clinical applications as well as improve security and create efficiencies in the management of client computing are increasingly becoming critical for healthcare organizations. Desktop virtualization technology is increasingly being used by providers to realize these advantages.
March 13, 2013
Resource
sites/default/files/resource-media/pdf/netapp_hc_wp_desktop_virtualization_031213.pdf
Protect
Agility is central to delivering excellence in patient care. However, healthcare organizations have entered a new era of scale in which the amount of data captured, processed, and stored is breaking down every architectural construct in the storage industry. NetApp delivers innovative technologies and capabilities for an agile data infrastructure that address the challenges of big data scale, enabling healthcare providers to gain insight into massive datasets, move data quickly, and store important content for long periods of time.
March 13, 2013
Resource
sites/default/files/resource-media/pdf/netapp_hc_wp_patient_care_clinical_data_031213.pdf
Protect
This white paper focuses on how an EHR-Extender (EHR-e) can help hospitals leverage data trapped in the EHR and other clinical systems to establish better care team communication. The result of contextual critical alerts and texts are improved communication and enhanced workflows which makes patients, healthcare staff, administration, and regulators happy.
January 2, 2013
Resource
sites/default/files/resource-media/pdf/extension_wp_beyond_the_ehr_final.2012.12.11.pdf
Protect
Watch this informative video to learn more about EXTENSION's most popular clinical workflow solutions for nurses and physicians inluding nurse call integration, mobile critical lab notifications, mobile report availability, mobile STAT order notifications, HIPAA-compliant texting and more. EXTENSION's mobile point-of-care solutions improve staff satisfaction, patient safety, and HCAHPS scores.
January 2, 2013
Resource
Protect
http://www.medtechmedia.com/files/resource_central/HealthAlert_Overview_Video.mov
In March 2012, the Obama Administration launched a $200 million “Big Data Research and Development Initiative,” which aims to transform the use of big data for scientific discovery and biomedical research, among other areas. Stakeholders now need to come together to take advantage of market conditions and realize the value of the incredible amount of important data in a more efficient and expeditious manner. In the spirit of collaboration and as part of the Intel Innovations Summit, the global technology leader in computing convened four thought leaders to share how their respective industries are meeting challenges and utilizing big data.
November 15, 2012
Resource
sites/default/files/resource-media/pdf/intel_white_paper_1_big_data.pdf
Protect
A recent survey of IT executives found nearly 90% see business value in transitioning to Cloud computing, but only 20% have a plan to get there. Healthcare Cloud solutions require Compliance, Security, Privacy, Redundancy, and Scalability, so choosing the right path from on-premises servers to the Cloud can be daunting. Learn how to chart a quick and affordable course to healthcare <a href="/directory/cloud-computing" target="_blank" class="directory-item-link">Cloud Computing</a> and how to choose the right Cloud services partner.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/qts_sizing_up_the_cloud_v2gen.pdf
Protect
In January 2010, QualSight - the nation’s largest LASIK manager serving over 75 million health plan members - was informed that a hack attempt had been made against their infrastructure. They were concerned that a repeat occurrence could take place and wanted to take a pro-active role in eliminating any future occurrence. Download this case study to find out how QualSight finally found a solution that offered complete HIPAA compliancy.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/fh_cs_qualsight_wp.pdf
Protect
Information Transforms Healthcare. As a Provider, you collect more data than ever before, from EMRs, patient surveys, home monitoring, to imaging. Collaborating on patient care is difficult at best—there’s so much data, it can’t easily be shared and it’s often incomplete. And new insights can only be derived from relevant information. IT executives can close the gap between maintenance and innovation budgets and deliver clinically relevant, operationally efficient, and fiscally sound solutions for the business. How? With a proven IT infrastructure that allows you to securely take advantage of newly digitized data.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/emc_transformhealthcare.pdf
Protect
As the nation begins its pilots of pioneer Accountable Care Organizations and shares more data for care coordination and population management, IT departments will be asked to make clinical records available to increasing numbers of loosely affiliated clinicians and staff.
April 24, 2012
Blog
Healthcare organizations have avoided the use of "public cloud" because of HIPAA/HITECH privacy concerns, lack of breach indemnification/data integrity guarantees, and the unwillingness of many cloud providers to sign business associate agreements.
April 13, 2012
Blog
I was able to talk with Gary Thompson co-founder and CEO of CLOUD Inc. - also known as the Consortium for Local Ownership and Use of Data, Inc.
April 10, 2012
Blog
While many industries are reliant on information technology to deliver services and drive innovation, none is so deeply entwined in IT than healthcare. As such, it should be no surprise that the potential impact of cloud computing is being felt, with mixed feelings, most acutely in this industry.
April 6, 2012
Blog
Like many of you, I made the annual pilgrimage to the HIMSS Conference last month but I didn’t write much publicly about it. Here’s what I learned while I was in Vegas and my takeaways for the rest of the year.
March 27, 2012
Blog
When will our employees learn not to identify patients on Facebook or any other social media site?
January 5, 2012
Blog
Can you hear that clock ticking down to Jan. 1, 2012? If you are among the few in healthcare who are really on the ball, becoming compliant with new ASC-X12 5010 transaction standards ahead of the deadline, then congratulations!
December 13, 2011
Blog
This past week I had the pleasure of traveling, along with MedTech Media Editorial Director Rich Pizzi, to Amelia Island, Fla. for the inaugural HIMSS Leaders & Innovators conference.
November 22, 2011
Blog
I was interviewed for an article on AIS Health that came out last week. The title of this article -- on health care social media and regulatory and legal issues that health care providers may face in using these tools -- struck me as being tinged with hysteria.
November 17, 2011
Blog
The healthcare industry is under constant pressure to streamline the sharing and availability of information, while at the same time maintaining ever-more rigorous controls over patient privacy, and of course, reducing costs at the same time. Therefore cloud computing offers some significant opportunities, perhaps even more significant than in many other industries.
November 15, 2011
Blog
The HITECH Act called for stepped-up HIPAA privacy and security and breach notification rule enforcement with respect to covered entities and business associates, to be accomplished by spot-check audits.
November 9, 2011
Blog
This weekend, I was busy using online applications. While I love doing things online, I do not love signing on to the various websites. This led me to think about my healthcare clients, the clinicians and physicians who need to sign into multiple systems several times a day to do their jobs.
October 10, 2011
Blog