Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Whether it's guarding against "malicious insiders" or ensuring C-suite execs are scared straight about the risks and regs they face, the coming year poses big challenges to healthcare according to Kroll's annual Cyber Security Forecast.
December 4, 2013
News
Some 90,000 University of Washington Medicine patients got a surprise this Thanksgiving, and it wasn't a very good one.
December 3, 2013
News
In its second reported data breach this fall, Kaiser Permanente is notifying patients seen at its Anaheim Medical Center that their protected health information has been compromised after a USB flash drive containing patient data went missing.
November 26, 2013
News
Google-backed 23andMe, a consumer company that seeks to be the "world's trusted source of personal genetic information" thanks to its $99 DNA tests, has been slapped with a warning from the FDA that it's in violation of the Federal Food, Drug and Cosmetic Act.
November 26, 2013
News
As 2013 nears its end and shortly after the final HIPAA Omnibus rule went into effect back in September, many groups are giving the Office of the National Coordinator an earful about implementing the HIPAA Accounting of Disclosures provision.
November 26, 2013
News
Solid BYOD policies can keep information flowing without running afoul of HIPAA.
November 22, 2013
News
When a medical privacy breach occurs, it's most often the patient who gets notified that their personal information was compromised, not the provider. But that's not always the case.
November 22, 2013
News
Since its launch in 2009, the RSNA Image Share Network has enjoyed robust funding from the National Institute of Biomedical Imaging and Bioengineering and found successes at some of the premier health systems in the U.S. Now it's looking for new providers to join.
November 21, 2013
News
The Office of the Attorney General in California, in collaboration with the American Health Information Management Association, has issued best practice recommendations for providers -- and tips for patients -- to better safeguard health data from theft.
November 21, 2013
News
A new poll from the Ponemon Institute has found that security preparedness is still sorely lacking across healthcare -- a fact that could leave unsuspecting organizations "blindsided" by breaches.
November 21, 2013
News
At a House hearing Nov. 19, lawmakers heard testimonies from security experts over whether HealthCare.gov is secure enough to handle the sensitive personal information of millions. The unanimous response? In its current form, probably not. But, it can get there.
November 20, 2013
News
Researchers and other clinicians love it. Privacy officers, not so much. The popular file hosting site isn't HIPAA compliant, and hasn't shown much interest in business associate agreements.
November 19, 2013
News
Remember in high school how it didn’t take long for a rumor or juicy piece of gossip to run rampant through the halls and spread faster than a wildfire fueled by 80 MPH winds? Well, social media is the new word of mouth.
July 13, 2011
Blog
How comprehensive can the information in an EHR be before patients grow concerned for their privacy? Do doctors using EHRs run the risk of missing the meat on the bones -- the details?
July 8, 2011
Blog
In the first national study to examine care at critical access hospitals (CAHs) in rural areas of the U.S., Harvard School of Public Health (HSPH) researchers found that CAHs have fewer clinical capabilities, lower quality of care, and worse patient outcomes compared with other hospitals.
July 8, 2011
Blog
Being in healthcare IT, and inspired all the time by the optimism and the opportunities technology has provided us, I thought that collecting my personal health information would be a fairly simple and straightforward task. Instead, the wide range of service I was provided when simply trying to collect my medical records was quite an eye opening experience.
June 23, 2011
Blog
Topic 3 on the June 20 #HITsm Tweetchat got into discussions of who owns patient data. The moral high ground today seems to be towards "patient ownership." Reality is just a bit different, and I think the discussion of ownership is not all that useful.
June 22, 2011
Blog
If you’re reading this blog, you most likely saw the pop-up/interstitial Intel ad that asks “Is Cloud Computing Right for You?” Steve Jobs apparently thinks so.
June 7, 2011
Blog
HIPAA regulations long on the books require that covered entities provide patients with accounting of disclosures of their protected health information for any purpose other than treatment, payment or health care operations (TPO). The HITECH Act upped the ante, requiring accounting of disclosures of PHI for TPO as well.
June 2, 2011
Blog
At one time or another, you may have heard a book titled, “All I Really Need To Know I Learned in Kindergarten,” by Robert Fulghum. Robert’s lessons translate into my professional world.
May 25, 2011
Blog
It's been a bad month for the cloud.
May 16, 2011
Blog
One of the biggest ongoing debates in the HIT world is how best to protect digitized health information.
May 4, 2011
Blog
While conducting research for the long overdue and nearly completed report on Personal Health Clouds (Dossia, Google Health and HealthVault) came across a recently published report by the European Network and Information Security Agency (ENISA) addressing cloud computing security.
December 10, 2009
Blog
The concepts of “security” and “privacy” of medical information (Protected Health Information, or PHI) are closely intertwined.
September 25, 2009
Blog