Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
More than 60 percent of all industries worldwide embrace BYOD, says Mac McMillan, CEO of the information security company CynergisTek and chairman of the HIMSS Privacy and Security Task Force. In healthcare, that number stands at around 85 percent, with 92 percent of that number saying personal mobile devices are in use multiple times every day.
June 25, 2014
News
As myriad healthcare organizations have attested, the aftermath of a HIPAA violation generally isn't a pretty sight, especially when it comes to one's bank account. One Indiana-based health system has witnessed this reality after being slapped with an $800,000 settlement for violating the HIPAA Privacy Rule.
June 24, 2014
News
The U.S. Department of Health & Human Services has launched a federal probe into HIPAA privacy violations at the University of Cincinnati Medical Center, according to an HHS spokesperson.
June 24, 2014
News
Data attacks on healthcare organizations have increased a whopping 100 percent from just four years ago, a reality that has chief security and information officers in a dash to stay ahead of the data protection curve.
June 23, 2014
News
In one of her first orders of business as new Health and Human Services Secretary, Sylvia Mathews Burwell has made management changes aimed at ensuring that HealthCare.gov is robust enough to handle the upcoming open enrollment period.
June 23, 2014
News
Some 90 percent of healthcare organizations have reported at least one data breach in the past two years, with more than a third seeing more than five breaches. Gerry Hinkley, partner at Pillsbury Winthrop Shaw Pittman's healthcare practice, says breach response is where many make major missteps, mistakes that can easily be avoided.
June 20, 2014
News
More than 20,000 patients seen at a San Diego hospital are getting HIPAA breach notification letters after employees on two separate occasions emailed protected health information to job applicants by mistake. One incident occurred nearly two years ago.
June 19, 2014
News
It's not just the thought of having a data security breach that concerns Kaiser Permanente's Jim Doggett. It's the far-reaching damage such an event could wreak that really keeps him up at night.
June 17, 2014
News
Eighty percent of respondents to the inaugural 2014 HIMSS Analytics Cloud Survey say they currently use cloud-based IT services, for everything from human resources technology to data backup and disaster recovery. Still qualms about performance and privacy persist.
June 17, 2014
News
Imagine if almost everyone walking into your hospital -- patients, doctors, visitors, salespeople -- was carrying an active homing beacon, which broadcast, unencrypted, their presence and repeatedly updated exact location to anyone who chose to listen.
June 16, 2014
News
As anyone who's ever worked for IT security can attest, the job is no walk in the park. New threats, compliance mandates, vulnerabilities and updates are constant. But with strong leadership, and a culture of compliance and responsibility to match, many healthcare organizations have shown it can be done right -- and well.
June 13, 2014
News
A Northern California hospital is reevaluating its security policies after an unencrypted USB drive containing the protected health information of nearly 34,000 patients was stolen from an employee's unlocked locker.
June 13, 2014
News
A recent survey of IT executives found nearly 90% see business value in transitioning to Cloud computing, but only 20% have a plan to get there. Healthcare Cloud solutions require Compliance, Security, Privacy, Redundancy, and Scalability, so choosing the right path from on-premises servers to the Cloud can be daunting. Learn how to chart a quick and affordable course to healthcare <a href="/directory/cloud-computing" target="_blank" class="directory-item-link">Cloud Computing</a> and how to choose the right Cloud services partner.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/qts_sizing_up_the_cloud_v2gen.pdf
Protect
In January 2010, QualSight - the nation’s largest LASIK manager serving over 75 million health plan members - was informed that a hack attempt had been made against their infrastructure. They were concerned that a repeat occurrence could take place and wanted to take a pro-active role in eliminating any future occurrence. Download this case study to find out how QualSight finally found a solution that offered complete HIPAA compliancy.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/fh_cs_qualsight_wp.pdf
Protect
Information Transforms Healthcare. As a Provider, you collect more data than ever before, from EMRs, patient surveys, home monitoring, to imaging. Collaborating on patient care is difficult at best—there’s so much data, it can’t easily be shared and it’s often incomplete. And new insights can only be derived from relevant information. IT executives can close the gap between maintenance and innovation budgets and deliver clinically relevant, operationally efficient, and fiscally sound solutions for the business. How? With a proven IT infrastructure that allows you to securely take advantage of newly digitized data.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/emc_transformhealthcare.pdf
Protect
The wealth of electronic data generated by the U.S. healthcare system presents a paradox for healthcare providers. Cloud services offers healthcare an attractive solution, helping hospitals scale with ease, better manage resources, and provide fluid access and sharing of medical images across organizations, departments and providers – achieving a connectedness that supports healthcare organizations’ patient care goals. Learn why cloud services may be the solution to your healthcare organization’s medical imaging challenges.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/medical_imaging_in_the_cloud_final.pdf
Protect
Meaningful Use Stage 2: A handbook for providers discusses the changes in Stage 2 following the release of the final rules. This report focuses on what providers should expect, technology challenges and business opportunities in Stage 2 criteria, and key enterprise strategies for Stage 2 initiatives.
October 29, 2012
Resource
sites/default/files/resource-media/pdf/ebook_mustage2_handbook.pdf
Protect
In healthcare, IT systems management is not simply a matter of process efficiency and cost savings—it could be a matter of life or death for patients. Faced with regulatory requirements, widely dispersed facilities, demands for <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">electronic health records</a> (EHRs), and increasingly more and more mobile devices for providers, healthcare IT managers are forced to streamline systems management as budgets and headcount shrink.
October 25, 2012
Resource
sites/default/files/resource-media/pdf/dell_systems_management_in_healthcare.pdf
Protect
The arrival of <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a> and other laws designed to enforce HIPAA privacy guidelines makes maintaining HIPAA compliance more important than ever. Faxing anything, in a traditional manner, while maintaining compliance is extremely difficult. Therefore, we need to change the way we process and handle patient healthcare information. Fortunately, the advent of intelligent fax boards has paved the way for healthcare entities to transition into the future while allowing for more economical use of resources and reducing environmental impact.
October 18, 2012
Resource
sites/default/files/resource-media/pdf/hipaa_fax_white_paper_v0.8.pdf
Protect
Electronic locks and latches provide enhanced security where healthcare facilities need it the most – on the carts and cabinets that house valuable medical supplies and patient information. Electronic locks provide secure locking and audit trail capabilities that can help healthcare IT managers comply with industry regulations such as HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. This white paper explores opportunities for improved physical security in the healthcare environment and reviews electronic access solutions available to equipment manufacturers.
October 16, 2012
Resource
sites/default/files/resource-media/pdf/southco_wp_medsecurity.pdf
Protect
Memorial Hermann needed a more efficient way to process 32,000 user access requests per year to key healthcare and enterprise applications, and better controls around access provided to 20,000 employees including caregivers, employees and temporary workers spread throughout greater Houston, while demonstrating regulatory compliance — primarily with HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. With the Courion identity and access management suite, Memorial Hermann is now able to perform timely user attestations, streamline compliance, increase operational efficiency and strengthen security.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/casestudy_mhhs_courion.pdf
Protect
HealthSpring is one of the country’s largest and fastest growing providers of <a href="/directory/medicare" target="_blank" class="directory-item-link">Medicare</a> Advantage health care plans with more than one million members in 11 states and the District of Columbia. To improve the accuracy, speed and scalability of its compliance program, HealthSpring chose Courion. The Courion suite is integrated with all of HealthSpring’s critical information technology systems, including its PeopleSoft <a href="/directory/enterprise-resource-planning" target="_blank" class="directory-item-link">enterprise resource planning</a> (ERP), claims processing and membership management systems.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/casestudy_healthspring_courion.pdf
Protect
With sensitive data being continually accessed across the enterprise, the web, and mobile devices, organizations are constantly facing the challenge of protecting their critical assets such as employee and patient data – all of which impact their reputations and their bottom lines. Healthcare organizations in particular need to ensure only the right people have the right access to the right information at the right time. That’s the objective of an access risk management strategy.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/white_paper_access_risk_management_courion.pdf
Protect
Hospitals and medical offices are busy places. Ever wonder how easy it would be for someone to walk out with an office laptop or mobile device? Not only do patients expect confidentiality of their medical records but government regulations like HIPAA demand it. The theft of laptops, computers and mobile devices is a common cause of data breaches and physical security is a highly effective first line of defense.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/kensington_white_paper_080612.pdf
Protect
The 83rd Annual AHIMA Convention & Exhibit took place this week in Salt Lake City, Utah. The official AHIMA Resources twitter account promoted the hashtag #AHIMA11 in the weeks building up to the conference, in hopes that attendees would share personal experiences, tweet live events and enjoy the networking affairs. Here is a twitter recap of those who chose to do so.
October 7, 2011
Blog
At BIDMC, I oversee 10,600 desktops and 2000 laptops. They are all locked down with System Center Configuration Manager 2007 and McAfee ePolicy Orchestrator.
October 4, 2011
Blog
HHS announced the publication of a new proposed rule titled: CLIA Program and HIPAA Privacy Rule; Patients’ Access to Test Reports.
September 30, 2011
Blog
I get lots of questions about HIPAA security these days; especially as EHR firms, hospitals, payers, and startups alike are being asked about their HIPAA policies. My general recommendation is that you should forget about HIPAA at first.
September 20, 2011
Blog
When Dr. Farzad Mostashari, the national coordinator for health information technology, addresses more than 4,700 healthcare professionals at the Allscripts Client Experience in Nashville on Monday morning, Aug. 29, he’s likely to discuss one of the most exciting developments in healthcare today – and perhaps surprisingly, it won’t be the meaningful use of electronic health records.
August 28, 2011
Blog
I've been thinking about the Strategic Health IT Advance Research Projects (SHARP) Program lately and plan to give an update soon on some of the progress being made.
August 26, 2011
Blog
A little over a month ago, I asked our Healthcare IT News social media followers if they believed a nation-wide transition to EHRs for doctors would lower healthcare costs. From Twitter to Facebook, there was a wide range of opinions.
August 11, 2011
Blog
I read a post earlier today talking about concerns of a healthcare organization that would be sharing its data with its patients. One of the concerns was that sharing the data (with a competitor) would make it easier for the patient to get care elsewhere.
July 26, 2011
Blog
I finally made it to Redwood MedNet Health Information Exchange Conference and share my learnings and thoughts below.
July 19, 2011
Blog
Personal health information and the lack of security surrounding it has caused quite a bit of buzz lately.
July 13, 2011
Blog
Remember in high school how it didn’t take long for a rumor or juicy piece of gossip to run rampant through the halls and spread faster than a wildfire fueled by 80 MPH winds? Well, social media is the new word of mouth.
July 13, 2011
Blog
How comprehensive can the information in an EHR be before patients grow concerned for their privacy? Do doctors using EHRs run the risk of missing the meat on the bones -- the details?
July 8, 2011
Blog