Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Apple on Monday touted its working with the Mayo Clinic as it rolled out an app that would piece together healthcare information from many third-party apps -- including one from Mayo -- to give consumers a comprehensive medical view on a mobile device.
June 3, 2014
News
More than twice as many people as first suspected have been put at risk by a massive data breach at UPMC health system.
June 2, 2014
News
In its newly released semiannual report to Congress, OIG says it focused on "core risk areas" associated with the marketplaces, including eligibility systems, payment accuracy, contractor oversight, and data security.
May 30, 2014
News
It seems that everybody under the sun has been asking "you're in the cloud, right?" But it's important to take a step back and realize that not all clouds are equal. Maybe it's time for people to be asking, "Are you doing the cloud right?"
May 30, 2014
News
Identity management and unauthorized data access by employees present the biggest threat to security and privacy of patient data, according to healthcare providers across the country.
May 30, 2014
News
Working on the patient portal portion of Stage 2 meaningful use? Officials at Mayo Clinic can offer some valuable insight into their own portal rollout -- challenges that have arisen, privacy concerns and how to do it right.
May 30, 2014
News
Working to spur more innovative approaches and complete understanding of pain management, six federal agencies have teamed to centralize data on pain research.
May 29, 2014
News
Information is money. And data brokers, companies that mine consumers' personal information and sell to the highest bidder, know this more than anyone. Their practices in collecting said data, however, have recently come under fire.
May 28, 2014
News
When it comes to privacy and security, healthcare IT leaders have their hands full. The Privacy & Security Forum, which will take place in San Diego, will help healthcare organizations address these challenges and mitigate risk throughout their organizations.
May 28, 2014
News
Returning service members are looking for jobs. Healthcare IT departments are desperate for qualified candidates. What special skill sets can veterans bring to the table?
May 26, 2014
News
There's a little bit of good news in the healthcare IT arena: CEOs and CIOs are quickly moving to make hiring chief information security officers a top priority.
May 20, 2014
News
A keystroke logger infecting three computers has been blamed for swiping the medical and financial data of UC Irvine Student Health Center patients.
May 19, 2014
News
Memorial Hermann needed a more efficient way to process 32,000 user access requests per year to key healthcare and enterprise applications, and better controls around access provided to 20,000 employees including caregivers, employees and temporary workers spread throughout greater Houston, while demonstrating regulatory compliance — primarily with HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. With the Courion identity and access management suite, Memorial Hermann is now able to perform timely user attestations, streamline compliance, increase operational efficiency and strengthen security.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/casestudy_mhhs_courion.pdf
Protect
HealthSpring is one of the country’s largest and fastest growing providers of <a href="/directory/medicare" target="_blank" class="directory-item-link">Medicare</a> Advantage health care plans with more than one million members in 11 states and the District of Columbia. To improve the accuracy, speed and scalability of its compliance program, HealthSpring chose Courion. The Courion suite is integrated with all of HealthSpring’s critical information technology systems, including its PeopleSoft <a href="/directory/enterprise-resource-planning" target="_blank" class="directory-item-link">enterprise resource planning</a> (ERP), claims processing and membership management systems.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/casestudy_healthspring_courion.pdf
Protect
With sensitive data being continually accessed across the enterprise, the web, and mobile devices, organizations are constantly facing the challenge of protecting their critical assets such as employee and patient data – all of which impact their reputations and their bottom lines. Healthcare organizations in particular need to ensure only the right people have the right access to the right information at the right time. That’s the objective of an access risk management strategy.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/white_paper_access_risk_management_courion.pdf
Protect
Hospitals and medical offices are busy places. Ever wonder how easy it would be for someone to walk out with an office laptop or mobile device? Not only do patients expect confidentiality of their medical records but government regulations like HIPAA demand it. The theft of laptops, computers and mobile devices is a common cause of data breaches and physical security is a highly effective first line of defense.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/kensington_white_paper_080612.pdf
Protect
By taking a comprehensive approach to systems management, healthcare providers’ IT departments can significantly reduce the amount of time required to perform routine maintenance tasks, therefore improving productivity. These time savings allow IT departments to shift staff to more value added activities that help support the business and reachstrategic goals.
September 19, 2012
Resource
sites/default/files/resource-media/pdf/realizing_the_return.pdf
Protect
This white paper provides a brief overview of HIPAA regulations and how healthcare organizations are using technology to assist with compliance. Many traditional document handling processes do not comply with HIPAA regulations for privacy and security. The whitepaper discusses network faxing, explores advantages for implementing a network fax solution to support HIPAA compliance initiatives and to improve the security and overall efficiency of the document transmission processes.
September 11, 2012
Resource
sites/default/files/resource-media/pdf/hipaa_healthcare_transformation_to_electronic_communications.pdf
Protect
As more and more hospitals work to incorporate smartphones into their communication network, they have learned important lessons that can help other facilities make a smooth transition. At the end of the day, the goal is to get the right message, to the right person, on the right device, at the right time.
September 4, 2012
Resource
sites/default/files/resource-media/pdf/wp-us-6-lessons-hospital-smartphone-integration.pdf
Protect
Specialty medicine practices rarely employ a dedicated information technology resource. Durham Nephrology is no exception. The Durham practice navigated the uncharted waters of attesting to <a href="/directory/meaningful-use" target="_blank" class="directory-item-link">Meaningful Use</a> under <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">the HITECH Act</a> of 2009 without the benefit of an IT expert or outside consultant. They implemented an <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">EHR</a> system in 2003 and believed that an EHR was the only long-term, effective way to organize patient charts and clinical notes. Read this story to find out this resourceful team achieved their goals--and more.
September 4, 2012
Resource
sites/default/files/resource-media/pdf/pro100_proehr_durham_nephrology_associates_nephrology_nc_success_story_10_19_11.pdf
Protect
As doctors and hospitals fight for the lives of their patients, they find themselves drowning in a sea of paperwork. Healthcare workers struggle daily to communicate patient information quickly and securely while complying with numerous insurance policies and industry regulations. Now, with demand from the White House to demonstrate "<a href="/directory/meaningful-use" target="_blank" class="directory-item-link">meaningful use</a>", the incentive to invest in communications technology has never been greater. This report by Smith Ivanson explores the top communication challenges Healthcare organizations face today, and why many of them are turning to Fax Servers to send, receive, and store <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">EHRs</a>.
August 29, 2012
Resource
sites/default/files/resource-media/pdf/security__compliance_top_drivers_for_fax_server_adoption_in_healthcare.pdf
Protect
As healthcare organizations develop strategies to comply with federal mandates and succeed in the new environment, wireless is one of the emerging technologies that can enable organizations to meet their clinical and business objectives, especially in this era of having to do more with a finite set of resources. This paper, featuring results from a Healthcare IT News online survey from June and July 2012, discusses current usage of wireless data technology in healthcare and identifies areas of demand and the potential benefits of wireless solutions and strategies.
August 29, 2012
Resource
sites/default/files/resource-media/pdf/sprint_executive_summary_august_2012.pdf
Protect
Every HIM initiative - especially clinical documentation - relies on a single common thread for success: the availability and integrity of the right data to drive the correct decisions and follow-on actions. Capturing accurate, complete quality clinical documentation is the most critical and fundamental component in providing quality care, and ultimately has the biggest connection to generating revenue. This white paper describes the risks associated with the lack of a core HIT strategy; identifies HIT strategies that can help manage the complex clinical documentation challenges associated with ICD-10, RAC and ACOs; and provides an overview of existing and emerging technologies that have significant impact on addressing these challenges.
August 2, 2012
Resource
sites/default/files/resource-media/pdf/white_paper-perfect_storm.pdf
Protect
Structured and unstructured information are valuable assets that allow companies to make informed business decisions. As a common practice, companies have adopted back office systems and CRM as part of their IT infrastructure to address structured information that’s commonly found in databases. While CRM lays the foundation for the IT infrastructure it does not address the unstructured data that can be found between core systems.
June 22, 2012
Resource
sites/default/files/resource-media/pdf/whitepaper_champaign2.pdf
Protect
The 83rd Annual AHIMA Convention & Exhibit took place this week in Salt Lake City, Utah. The official AHIMA Resources twitter account promoted the hashtag #AHIMA11 in the weeks building up to the conference, in hopes that attendees would share personal experiences, tweet live events and enjoy the networking affairs. Here is a twitter recap of those who chose to do so.
October 7, 2011
Blog
At BIDMC, I oversee 10,600 desktops and 2000 laptops. They are all locked down with System Center Configuration Manager 2007 and McAfee ePolicy Orchestrator.
October 4, 2011
Blog
HHS announced the publication of a new proposed rule titled: CLIA Program and HIPAA Privacy Rule; Patients’ Access to Test Reports.
September 30, 2011
Blog
I get lots of questions about HIPAA security these days; especially as EHR firms, hospitals, payers, and startups alike are being asked about their HIPAA policies. My general recommendation is that you should forget about HIPAA at first.
September 20, 2011
Blog
When Dr. Farzad Mostashari, the national coordinator for health information technology, addresses more than 4,700 healthcare professionals at the Allscripts Client Experience in Nashville on Monday morning, Aug. 29, he’s likely to discuss one of the most exciting developments in healthcare today – and perhaps surprisingly, it won’t be the meaningful use of electronic health records.
August 28, 2011
Blog
I've been thinking about the Strategic Health IT Advance Research Projects (SHARP) Program lately and plan to give an update soon on some of the progress being made.
August 26, 2011
Blog
A little over a month ago, I asked our Healthcare IT News social media followers if they believed a nation-wide transition to EHRs for doctors would lower healthcare costs. From Twitter to Facebook, there was a wide range of opinions.
August 11, 2011
Blog
I read a post earlier today talking about concerns of a healthcare organization that would be sharing its data with its patients. One of the concerns was that sharing the data (with a competitor) would make it easier for the patient to get care elsewhere.
July 26, 2011
Blog
I finally made it to Redwood MedNet Health Information Exchange Conference and share my learnings and thoughts below.
July 19, 2011
Blog
Personal health information and the lack of security surrounding it has caused quite a bit of buzz lately.
July 13, 2011
Blog
Remember in high school how it didn’t take long for a rumor or juicy piece of gossip to run rampant through the halls and spread faster than a wildfire fueled by 80 MPH winds? Well, social media is the new word of mouth.
July 13, 2011
Blog
How comprehensive can the information in an EHR be before patients grow concerned for their privacy? Do doctors using EHRs run the risk of missing the meat on the bones -- the details?
July 8, 2011
Blog