Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
While it's clear how Apple's HealthKit and the newest smartphones will play in the healthcare realm, Apple Pay, which the company is rumored to be preparing for a debut when it announces new iPads this week, could actually have an impact there as well.
October 15, 2014
News
An academic medical center in California is notifying patients of a HIPAA breach after officials discovered that a physician's email account had been hacked by an outside source.
October 14, 2014
News
National coordinator Karen DeSalvo, MD, revealed on Tuesday that ONC now has a new Chief Privacy Officer. "She brings a set of rich experiences at the intersection of health information, privacy, and modernizing the health care delivery system," DeSalvo wrote in an email to staff.
October 14, 2014
News
The U.S. government's new $450 million job training program targets 270 community colleges across the country, many of which plan to offer courses in health IT.
October 8, 2014
News
Add Facebook to the list of Silicon Valley technology companies looking for ways to make personal health data a new part of their growth strategy. Like Apple and Google, the social network is said to be developing wellness apps, as well as health discussion groups for its 1.3 billion users.
October 6, 2014
News
As Shellshock, the latest serious cybersecurity flaw, casts its shadow over healthcare, the U.S. Food and Drug Administration has finalized a set of recommendations to protect medical devices from Web-based attacks.
October 2, 2014
News
If you think you'll be able to dodge a data breach without putting in some serious work, think again. This year, healthcare organizations have reported more breaches than ever -- a 10 percent jump, on average. So what are they doing to improve these numbers? Not nearly enough, says the Ponemon Institute.
October 1, 2014
News
A mail merge gone wrong has officials at the University of Florida and Texas Health and Human Services rushing to send patient notification letters after the error, which occurred a year ago, resulted in a data breach.
September 29, 2014
News
The Health Information Trust Alliance has put out a word of warning about Shellshock, a system vulnerability it says could wreak much more damage than the infamous Heartbleed bug.
September 29, 2014
News
The HHS Office of the Inspector General found one "critical vulnerability" in the security of information on HealthCare.gov, according to a report it released Tuesday.
September 23, 2014
News
"Just by having an app on your device, (a cybercriminal) can determine your call history, take your contact list info, if they choose to." That's how vulnerable smartphones, tablets and their mobile ilk actually are, Jim Routh said, and it's not just the devices that chief information security officers like him have to worry about.
September 23, 2014
News
App developers, who say they are being left out of important mHealth privacy and security conversations, are calling on the federal government to give them a little more transparency around the issues.
September 18, 2014
News
Hospitals and health systems have invested significant funds and other resources to meet numerous strategic enterprise initiatives such as ICD-10, Meaningful Use, HIPAA requirements, whether to join or form an ACO, and others. Executives from four major health systems came together for a roundtable discussion on how employing an integrated strategy has helped them overcome challenges and achieve goals. <br> </br> Learn how leading healthcare organizations are:<br> </br> • Educating stakeholders on the ultimate benefits of the initiatives<br> • Adopting methodologies that streamline workflows and reduce costs<br> • Sharing information and promoting best practices across the enterprise<br> • Avoiding initiatives being deployed in silos<br> • Knowing when to partner with trusted organizations to achieve initiatives more rapidly and efficiently<br>
April 30, 2013
Resource
sites/default/files/resource-media/pdf/roundtable_article_final.pdf
Protect
What are the most important questions to ask when selecting a secure texting solution? Find out what really matters by reading this whitepaper on the 10 most important things to know when evaluating a solution.
April 19, 2013
Resource
sites/default/files/resource-media/pdf/tigertext_white_paper_-_top_10_considerations_when_selecting_a_secure_text_messaging_solution.pdf
Protect
Cloud-based Microsoft Exchange service features all the mission critical enterprise-class communication and collaboration capabilities of an in-house solution without the unpredictable costs and management headaches. With flexible customization options, healthcare organizations can seamlessly move to a cloud-based solution without compromising security or altering their current encryption approach.
April 2, 2013
Resource
sites/default/files/resource-media/pdf/apptix_whitepaper_cloudreliability_final.pdf
Protect
This report outlines the future look of Forrester's solution for security and risk (S&R) executives working on building an identity and access management strategy for the extended enterprise. This report will help you understand the major business and IT trends affecting identity and access management (IAM) during the next five years. Learn why applying a Zero Trust information security model to IAM helps security teams unify and improve access control across the extended enterprise.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/forrester_navigate_the_future_of_identity_and_access_management_final.pdf
Protect
Healthcare IT departments must defend against complex internal and external threats while still maintaining compliance with HIPAA/HITCH. The same is true for businesses of all kinds – they are simply overwhelmed. Clearly, organizational risk management has reached a critical juncture. A July 2012 IDG Research Services poll of CIOs and IT managers underscores the gravity of the situation. The results provide important data about how enterprises view compliance overall, and identity management and access governance in particular.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/white_paper_idg_why_it_pays_to_take_a_busines-centric_approach_to_compli.pdf
Protect
Organizations of all kinds, including those in the healthcare industry, are doing business in new ways, thanks to new IT infrastructure technologies like virtualization, cloud computing and mobility, which are changing how users interact with information and with each other. As the enterprise becomes more interconnected and distributed, business agility increases; but information security specialists face new challenges around maintaining effective security and monitoring controls.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/netiq_wp_realtimesecurityintelligence_print.pdf
Protect
Organizations are consuming software-as-a-service applications at an ever-accelerating rate. While the advantages of SaaS applications are many, so are the potential pitfalls of unauthorized access. As these applications become increasingly popular, the need to manage access SaaS-hosted information becomes even more crucial. Security, compliance reporting and ease of access must be balanced to ensure that information in the cloud is protected without impacting your organizations ability to serve patients, healthcare professionals, and business partners.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/netiq_wp_extending_access_control_to_cloud_usv.pdf
Protect
Given the risks throughout today's complex threat and regulatory landscapes, your need to effectively and securely manage access to critical resources has never been greater. You need to know exactly who has access to what resources and if that access is appropriate. This is as true for the healthcare industry as it is for every other, highly regulated industry. As threats become more sophisticated, so does the speed with which your organization must respond to them.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/white_paper_identity_and_access_governance_bringing_business_and_it_toge.pdf
Protect
The only thing that is constant is change. This old adage has never been truer for the healthcare industry than it is today. Businesses of all kinds must manage their systems in the face of ever growing and changing complexities. Good Identity and Access Governance practices are front and center in the ongoing battle to deal with constant change effectively.
March 22, 2013
Resource
sites/default/files/resource-media/pdf/white_paper_managing_change_and_complexity_with_identity_and_access_gove._1.pdf
Protect
For provider organizations, tools that drive improved performance of legacy clinical applications as well as improve security and create efficiencies in the management of client computing are increasingly becoming critical for healthcare organizations. Desktop virtualization technology is increasingly being used by providers to realize these advantages.
March 13, 2013
Resource
sites/default/files/resource-media/pdf/netapp_hc_wp_desktop_virtualization_031213.pdf
Protect
Agility is central to delivering excellence in patient care. However, healthcare organizations have entered a new era of scale in which the amount of data captured, processed, and stored is breaking down every architectural construct in the storage industry. NetApp delivers innovative technologies and capabilities for an agile data infrastructure that address the challenges of big data scale, enabling healthcare providers to gain insight into massive datasets, move data quickly, and store important content for long periods of time.
March 13, 2013
Resource
sites/default/files/resource-media/pdf/netapp_hc_wp_patient_care_clinical_data_031213.pdf
Protect
Todd Park (@todd_park), United States chief technology officer for the Obama Administration, engaged in a live Twitter chat as part of Big Data Week, a string of community-led events relating to big data. Here is a Twitter recap of the Q&A.
April 25, 2012
Blog
As the nation begins its pilots of pioneer Accountable Care Organizations and shares more data for care coordination and population management, IT departments will be asked to make clinical records available to increasing numbers of loosely affiliated clinicians and staff.
April 24, 2012
Blog
Healthcare organizations have avoided the use of "public cloud" because of HIPAA/HITECH privacy concerns, lack of breach indemnification/data integrity guarantees, and the unwillingness of many cloud providers to sign business associate agreements.
April 13, 2012
Blog
I was able to talk with Gary Thompson co-founder and CEO of CLOUD Inc. - also known as the Consortium for Local Ownership and Use of Data, Inc.
April 10, 2012
Blog
While many industries are reliant on information technology to deliver services and drive innovation, none is so deeply entwined in IT than healthcare. As such, it should be no surprise that the potential impact of cloud computing is being felt, with mixed feelings, most acutely in this industry.
April 6, 2012
Blog
Like many of you, I made the annual pilgrimage to the HIMSS Conference last month but I didn’t write much publicly about it. Here’s what I learned while I was in Vegas and my takeaways for the rest of the year.
March 27, 2012
Blog
When will our employees learn not to identify patients on Facebook or any other social media site?
January 5, 2012
Blog
Can you hear that clock ticking down to Jan. 1, 2012? If you are among the few in healthcare who are really on the ball, becoming compliant with new ASC-X12 5010 transaction standards ahead of the deadline, then congratulations!
December 13, 2011
Blog
This past week I had the pleasure of traveling, along with MedTech Media Editorial Director Rich Pizzi, to Amelia Island, Fla. for the inaugural HIMSS Leaders & Innovators conference.
November 22, 2011
Blog
I was interviewed for an article on AIS Health that came out last week. The title of this article -- on health care social media and regulatory and legal issues that health care providers may face in using these tools -- struck me as being tinged with hysteria.
November 17, 2011
Blog
The healthcare industry is under constant pressure to streamline the sharing and availability of information, while at the same time maintaining ever-more rigorous controls over patient privacy, and of course, reducing costs at the same time. Therefore cloud computing offers some significant opportunities, perhaps even more significant than in many other industries.
November 15, 2011
Blog
The HITECH Act called for stepped-up HIPAA privacy and security and breach notification rule enforcement with respect to covered entities and business associates, to be accomplished by spot-check audits.
November 9, 2011
Blog