Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Every year, Coalfire, an IT governance, risk and compliance firm, names its top 5 information security and compliance predictions for the new year. And this time around, healthcare data breaches made the cut.
December 19, 2013
News
HIMSS is working with the U.S. Department of Health and Human Services, through HHS' Innovator in Residence program, to develop a strategy for nationwide patient data matching.
December 18, 2013
News
A new report from Experian Data Breach Resolution says healthcare will face "a perfect storm" for breaches in 2014. The Affordable Care Act, with its increased activity, as well as more people signing up for health insurance will only make the target that much larger.
December 17, 2013
News
Google users may have come across the protected health information of nearly 33,000 individuals over the last two months, after a health system's security gaffe left patient data exposed online.
December 13, 2013
News
The question is how to support and encourage changes in healthcare even as it is being molded by a digital tidal wave. Policy surely can't keep up, though the federal government and its host of volunteer advisory boards are losing sleep in a valiant effort to do so.
December 13, 2013
News
Most people are optimistic about technology innovations advancing healthcare, are willing to participate in virtual healthcare visits with their doctor, and would use health sensors in their bodies and even their toilets, according to a new study commissioned by Intel Corporation.
December 13, 2013
News
CommonWell Health Alliance has tapped the first three geographic locations for its roll out of interoperability services. Hospitals and ambulatory practices in Chicago, North Carolina and South Carolina will connect to exchange patient data.
December 11, 2013
News
It's an ironic story. The Office for Civil Rights, the division of HHS responsible for investigating HIPAA privacy and security violations, is now facing scrutiny after its own security practices failed to meet federal requirements.
December 10, 2013
News
Healthcare cloud services company ClearDATA Network closed an over-subscribed $14 million Series B funding round. The funding provides the company with capital to maximize its growth opportunities and momentum in the market, says ClearDATA President and CEO Darin Brannan.
December 5, 2013
News
Whether it's guarding against "malicious insiders" or ensuring C-suite execs are scared straight about the risks and regs they face, the coming year poses big challenges to healthcare according to Kroll's annual Cyber Security Forecast.
December 4, 2013
News
Some 90,000 University of Washington Medicine patients got a surprise this Thanksgiving, and it wasn't a very good one.
December 3, 2013
News
In its second reported data breach this fall, Kaiser Permanente is notifying patients seen at its Anaheim Medical Center that their protected health information has been compromised after a USB flash drive containing patient data went missing.
November 26, 2013
News
As more and more hospitals work to incorporate smartphones into their communication network, they have learned important lessons that can help other facilities make a smooth transition. At the end of the day, the goal is to get the right message, to the right person, on the right device, at the right time.
September 4, 2012
Resource
sites/default/files/resource-media/pdf/wp-us-6-lessons-hospital-smartphone-integration.pdf
Protect
Specialty medicine practices rarely employ a dedicated information technology resource. Durham Nephrology is no exception. The Durham practice navigated the uncharted waters of attesting to <a href="/directory/meaningful-use" target="_blank" class="directory-item-link">Meaningful Use</a> under <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">the HITECH Act</a> of 2009 without the benefit of an IT expert or outside consultant. They implemented an <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">EHR</a> system in 2003 and believed that an EHR was the only long-term, effective way to organize patient charts and clinical notes. Read this story to find out this resourceful team achieved their goals--and more.
September 4, 2012
Resource
sites/default/files/resource-media/pdf/pro100_proehr_durham_nephrology_associates_nephrology_nc_success_story_10_19_11.pdf
Protect
As doctors and hospitals fight for the lives of their patients, they find themselves drowning in a sea of paperwork. Healthcare workers struggle daily to communicate patient information quickly and securely while complying with numerous insurance policies and industry regulations. Now, with demand from the White House to demonstrate "<a href="/directory/meaningful-use" target="_blank" class="directory-item-link">meaningful use</a>", the incentive to invest in communications technology has never been greater. This report by Smith Ivanson explores the top communication challenges Healthcare organizations face today, and why many of them are turning to Fax Servers to send, receive, and store <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">EHRs</a>.
August 29, 2012
Resource
sites/default/files/resource-media/pdf/security__compliance_top_drivers_for_fax_server_adoption_in_healthcare.pdf
Protect
As healthcare organizations develop strategies to comply with federal mandates and succeed in the new environment, wireless is one of the emerging technologies that can enable organizations to meet their clinical and business objectives, especially in this era of having to do more with a finite set of resources. This paper, featuring results from a Healthcare IT News online survey from June and July 2012, discusses current usage of wireless data technology in healthcare and identifies areas of demand and the potential benefits of wireless solutions and strategies.
August 29, 2012
Resource
sites/default/files/resource-media/pdf/sprint_executive_summary_august_2012.pdf
Protect
Every HIM initiative - especially clinical documentation - relies on a single common thread for success: the availability and integrity of the right data to drive the correct decisions and follow-on actions. Capturing accurate, complete quality clinical documentation is the most critical and fundamental component in providing quality care, and ultimately has the biggest connection to generating revenue. This white paper describes the risks associated with the lack of a core HIT strategy; identifies HIT strategies that can help manage the complex clinical documentation challenges associated with ICD-10, RAC and ACOs; and provides an overview of existing and emerging technologies that have significant impact on addressing these challenges.
August 2, 2012
Resource
sites/default/files/resource-media/pdf/white_paper-perfect_storm.pdf
Protect
Structured and unstructured information are valuable assets that allow companies to make informed business decisions. As a common practice, companies have adopted back office systems and CRM as part of their IT infrastructure to address structured information that’s commonly found in databases. While CRM lays the foundation for the IT infrastructure it does not address the unstructured data that can be found between core systems.
June 22, 2012
Resource
sites/default/files/resource-media/pdf/whitepaper_champaign2.pdf
Protect
A new era in healthcare IT has arrived! Even when physicians can’t physically be there, new advances in technology allow them to always “virtually” be on the scene to save a life - whether it’s in the middle of the night or on their day off. In this short video, you’ll watch how a cardiologist prescribes a patient the medicine he needs stat at 2 a.m. You’ll see how easily you can access clinical desktops from anywhere and access real-time info about patients as they’re getting wheeled into the ER. In addition, the video will show you how to go mobile instantly with desktops that follow users, review real-time ER caseloads and enable HD face-to-face telemedicine. Also, watch how this doctor uses voice recognition to update patient records and secure patient health information (PHI) on devices. Don’t you love living in the future?
June 7, 2012
Resource
Do Not Protect
http://whitepapers.medtechmedia.com/himss-whitepapers/secure-physician-mobile-access-patient-data-virtualization
As many IT managers and HIPAA Security Officers have already discovered, HIPAA compliance requirements are daunting. The issues are so complex that some institutions have even taken a “wait and see” approach. But, sooner or later, you’ll be expected to demonstrate that your organization can detect, prevent, and respond to attacks, intrusions, or other system failures. Download this free whitepaper, HIPAA Compliance: Meeting the Security Challenge, to take a closer look at the HIPPA Compliance challenge.
May 22, 2012
Resource
sites/default/files/resource-media/pdf/solarwinds_hipaa_compliance_-_meeting_the_security_challenge.pdf
Protect
While the HIPAA Privacy Rule covers protected health information (PHI) in all forms, the HIPAA Security Rule specifically applies only to PHI that is maintained, transformed, or transmitted in electronic form (e-PHI). The Security Rule requires covered entities to meet specific objectives and presents major challenges for virtually every covered entity in the HIPAA environment, no matter how big or small. Covered entities include health plans, health care clearinghouses, and healthcare providers. In addition, business partners and associates who interact with covered entities are forced to deal with the same security issues as covered entities. IT professionals, like you, know the amount of work involved in supporting HIPAA compliance. The members of your IT team have enough on their plates without assuming the role of HIPAA police, but the team can also appreciate that adding technologies for HIPAA Security Rule compliance is an opportunity to make improvements in overall IT security that increases the organization’s bottom line. Read this white paper, including results from the HIMSS 2010 Security Survey, to learn how to fulfill HIPAA Security Rule requirements and improve overall control and performance of your IT infrastructure.
May 16, 2012
Resource
sites/default/files/resource-media/pdf/dell_fulfill_hipaa_security.pdf
Protect
As employees bring their mobile devices to the workplace, while it may increase productivity and reduce cost, it also causes security weaknesses. Download this paper to learn more about mobile security device threats and how to establish a mobile security strategy.
May 7, 2012
Resource
sites/default/files/resource-media/pdf/ibm_securing_mobile_devices.pdf
Protect
About 39% of medical offices in the U.S. have adopted <a href="/directory/electronic-medical-record-emr" target="_blank" class="directory-item-link">EMR</a> technology, according to SK&A. With Medicare and Medicaid incentive payments now available to physician practices and hospitals who make <a href="/directory/meaningful-use" target="_blank" class="directory-item-link">Meaningful Use</a> of such technology, that number is expected to rise over the next several years. But what about the practices who have not yet embarked on the journey toward EMR implementation? What’s holding them back? And where should they turn for help in managing the transition from paper-based records to electronic systems? Download this white paper to learn more about EMR implementation best practices.
April 18, 2012
Resource
sites/default/files/resource-media/pdf/ge_executing_best_practices.pdf
Protect
The United States is undergoing a major transformation of its healthcare delivery system, driven by federal health IT investments and healthcare reforms. This content piece features information from a joint presentation at the HIMSS12 Annual Conference & Exhibition in Las Vegas in February, where Eric Dishman, General Manager of Health Strategy and Solutions at Intel Corporation, and Jason Hwang, MD, executive director of healthcare at the Innosight Institute, presented on the power of “disruptive innovation” to meet the challenges of transforming the U.S. health sector. Download this paper to read examples of how disruption health IT innovation is driving new care models across the globe.
March 29, 2012
Resource
sites/default/files/resource-media/pdf/intel_disruptive_innovation.pdf
Protect
The HITECH Act called for stepped-up HIPAA privacy and security and breach notification rule enforcement with respect to covered entities and business associates, to be accomplished by spot-check audits.
November 9, 2011
Blog
This weekend, I was busy using online applications. While I love doing things online, I do not love signing on to the various websites. This led me to think about my healthcare clients, the clinicians and physicians who need to sign into multiple systems several times a day to do their jobs.
October 10, 2011
Blog
The 83rd Annual AHIMA Convention & Exhibit took place this week in Salt Lake City, Utah. The official AHIMA Resources twitter account promoted the hashtag #AHIMA11 in the weeks building up to the conference, in hopes that attendees would share personal experiences, tweet live events and enjoy the networking affairs. Here is a twitter recap of those who chose to do so.
October 7, 2011
Blog
At BIDMC, I oversee 10,600 desktops and 2000 laptops. They are all locked down with System Center Configuration Manager 2007 and McAfee ePolicy Orchestrator.
October 4, 2011
Blog
HHS announced the publication of a new proposed rule titled: CLIA Program and HIPAA Privacy Rule; Patients’ Access to Test Reports.
September 30, 2011
Blog
I get lots of questions about HIPAA security these days; especially as EHR firms, hospitals, payers, and startups alike are being asked about their HIPAA policies. My general recommendation is that you should forget about HIPAA at first.
September 20, 2011
Blog
When Dr. Farzad Mostashari, the national coordinator for health information technology, addresses more than 4,700 healthcare professionals at the Allscripts Client Experience in Nashville on Monday morning, Aug. 29, he’s likely to discuss one of the most exciting developments in healthcare today – and perhaps surprisingly, it won’t be the meaningful use of electronic health records.
August 28, 2011
Blog
I've been thinking about the Strategic Health IT Advance Research Projects (SHARP) Program lately and plan to give an update soon on some of the progress being made.
August 26, 2011
Blog
A little over a month ago, I asked our Healthcare IT News social media followers if they believed a nation-wide transition to EHRs for doctors would lower healthcare costs. From Twitter to Facebook, there was a wide range of opinions.
August 11, 2011
Blog
I read a post earlier today talking about concerns of a healthcare organization that would be sharing its data with its patients. One of the concerns was that sharing the data (with a competitor) would make it easier for the patient to get care elsewhere.
July 26, 2011
Blog
I finally made it to Redwood MedNet Health Information Exchange Conference and share my learnings and thoughts below.
July 19, 2011
Blog
Personal health information and the lack of security surrounding it has caused quite a bit of buzz lately.
July 13, 2011
Blog