Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Sure, HIPAA adds a layer of privacy protection for certain health data -- if organizations actually comply with it -- but there remains myriad avenues of mining health data and selling to the highest bidder that do not fall under the purview of HIPAA's privacy and security rules. And they may surprise you.
July 16, 2014
News
Few healthcare IT policies these days are as delicate, sensitive and potentially emotionally explosive as efforts to restrict or regulate employee social media activity. And yet hospital hierarchies are routinely stepping on these political minefields as providers try to protect their reputations.
July 15, 2014
News
The Office of the National Coordinator for Health IT continues to reshape itself as it adjusts to funding limits. To that end, National Coordinator Karen DeSalvo, MD, has outlined a new working group structure for ONC's Health IT Policy Committee.
July 14, 2014
News
The latest revelations from Edward Snowden's document leaks show that not much is beyond the grasp of the National Security Agency -- not even electronic medical records.
July 7, 2014
News
As director of health information technology policy and programs for the National Partnership for Women and Families, Mark Savage keeps a close watch on healthcare information technology, along with all other aspects of patient care.
July 5, 2014
News
The Office for Civil Rights, the HHS division responsible for enforcing HIPAA, is slated to get a new director after the official departure of Leon Rodriguez.
July 2, 2014
News
When an organization experiences a major data breach and puts out a news release, the point is to comfort people that the news isn't as bad as it sounds. But at the same time, it's critical to be precise with language -- lest that organization be compelled to subsequently issue the dreaded, "What we actually meant to say in Monday's statement…" statement.
July 1, 2014
News
Call it big data bloodlust: The more health information being generated by a growing contingency of apps, devices, electronic health records, mHealth sensors and wearables, the broader and stronger the desire for that data becomes.
June 30, 2014
News
In one of the largest HIPAA breaches ever reported, the Montana Department of Public Health and Human Services is notifying some 1.3 million people after hackers gained unfettered access to an agency server for nearly a year before being discovered.
June 25, 2014
News
More than 60 percent of all industries worldwide embrace BYOD, says Mac McMillan, CEO of the information security company CynergisTek and chairman of the HIMSS Privacy and Security Task Force. In healthcare, that number stands at around 85 percent, with 92 percent of that number saying personal mobile devices are in use multiple times every day.
June 25, 2014
News
As myriad healthcare organizations have attested, the aftermath of a HIPAA violation generally isn't a pretty sight, especially when it comes to one's bank account. One Indiana-based health system has witnessed this reality after being slapped with an $800,000 settlement for violating the HIPAA Privacy Rule.
June 24, 2014
News
The U.S. Department of Health & Human Services has launched a federal probe into HIPAA privacy violations at the University of Cincinnati Medical Center, according to an HHS spokesperson.
June 24, 2014
News
This white paper focuses on how an EHR-Extender (EHR-e) can help hospitals leverage data trapped in the EHR and other clinical systems to establish better care team communication. The result of contextual critical alerts and texts are improved communication and enhanced workflows which makes patients, healthcare staff, administration, and regulators happy.
January 2, 2013
Resource
sites/default/files/resource-media/pdf/extension_wp_beyond_the_ehr_final.2012.12.11.pdf
Protect
Watch this informative video to learn more about EXTENSION's most popular clinical workflow solutions for nurses and physicians inluding nurse call integration, mobile critical lab notifications, mobile report availability, mobile STAT order notifications, HIPAA-compliant texting and more. EXTENSION's mobile point-of-care solutions improve staff satisfaction, patient safety, and HCAHPS scores.
January 2, 2013
Resource
Protect
http://www.medtechmedia.com/files/resource_central/HealthAlert_Overview_Video.mov
In March 2012, the Obama Administration launched a $200 million “Big Data Research and Development Initiative,” which aims to transform the use of big data for scientific discovery and biomedical research, among other areas. Stakeholders now need to come together to take advantage of market conditions and realize the value of the incredible amount of important data in a more efficient and expeditious manner. In the spirit of collaboration and as part of the Intel Innovations Summit, the global technology leader in computing convened four thought leaders to share how their respective industries are meeting challenges and utilizing big data.
November 15, 2012
Resource
sites/default/files/resource-media/pdf/intel_white_paper_1_big_data.pdf
Protect
A recent survey of IT executives found nearly 90% see business value in transitioning to Cloud computing, but only 20% have a plan to get there. Healthcare Cloud solutions require Compliance, Security, Privacy, Redundancy, and Scalability, so choosing the right path from on-premises servers to the Cloud can be daunting. Learn how to chart a quick and affordable course to healthcare <a href="/directory/cloud-computing" target="_blank" class="directory-item-link">Cloud Computing</a> and how to choose the right Cloud services partner.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/qts_sizing_up_the_cloud_v2gen.pdf
Protect
In January 2010, QualSight - the nation’s largest LASIK manager serving over 75 million health plan members - was informed that a hack attempt had been made against their infrastructure. They were concerned that a repeat occurrence could take place and wanted to take a pro-active role in eliminating any future occurrence. Download this case study to find out how QualSight finally found a solution that offered complete HIPAA compliancy.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/fh_cs_qualsight_wp.pdf
Protect
Information Transforms Healthcare. As a Provider, you collect more data than ever before, from EMRs, patient surveys, home monitoring, to imaging. Collaborating on patient care is difficult at best—there’s so much data, it can’t easily be shared and it’s often incomplete. And new insights can only be derived from relevant information. IT executives can close the gap between maintenance and innovation budgets and deliver clinically relevant, operationally efficient, and fiscally sound solutions for the business. How? With a proven IT infrastructure that allows you to securely take advantage of newly digitized data.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/emc_transformhealthcare.pdf
Protect
The wealth of electronic data generated by the U.S. healthcare system presents a paradox for healthcare providers. Cloud services offers healthcare an attractive solution, helping hospitals scale with ease, better manage resources, and provide fluid access and sharing of medical images across organizations, departments and providers – achieving a connectedness that supports healthcare organizations’ patient care goals. Learn why cloud services may be the solution to your healthcare organization’s medical imaging challenges.
November 7, 2012
Resource
sites/default/files/resource-media/pdf/medical_imaging_in_the_cloud_final.pdf
Protect
Meaningful Use Stage 2: A handbook for providers discusses the changes in Stage 2 following the release of the final rules. This report focuses on what providers should expect, technology challenges and business opportunities in Stage 2 criteria, and key enterprise strategies for Stage 2 initiatives.
October 29, 2012
Resource
sites/default/files/resource-media/pdf/ebook_mustage2_handbook.pdf
Protect
In healthcare, IT systems management is not simply a matter of process efficiency and cost savings—it could be a matter of life or death for patients. Faced with regulatory requirements, widely dispersed facilities, demands for <a href="/directory/electronic-health-record-ehr" target="_blank" class="directory-item-link">electronic health records</a> (EHRs), and increasingly more and more mobile devices for providers, healthcare IT managers are forced to streamline systems management as budgets and headcount shrink.
October 25, 2012
Resource
sites/default/files/resource-media/pdf/dell_systems_management_in_healthcare.pdf
Protect
The arrival of <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a> and other laws designed to enforce HIPAA privacy guidelines makes maintaining HIPAA compliance more important than ever. Faxing anything, in a traditional manner, while maintaining compliance is extremely difficult. Therefore, we need to change the way we process and handle patient healthcare information. Fortunately, the advent of intelligent fax boards has paved the way for healthcare entities to transition into the future while allowing for more economical use of resources and reducing environmental impact.
October 18, 2012
Resource
sites/default/files/resource-media/pdf/hipaa_fax_white_paper_v0.8.pdf
Protect
Electronic locks and latches provide enhanced security where healthcare facilities need it the most – on the carts and cabinets that house valuable medical supplies and patient information. Electronic locks provide secure locking and audit trail capabilities that can help healthcare IT managers comply with industry regulations such as HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. This white paper explores opportunities for improved physical security in the healthcare environment and reviews electronic access solutions available to equipment manufacturers.
October 16, 2012
Resource
sites/default/files/resource-media/pdf/southco_wp_medsecurity.pdf
Protect
Memorial Hermann needed a more efficient way to process 32,000 user access requests per year to key healthcare and enterprise applications, and better controls around access provided to 20,000 employees including caregivers, employees and temporary workers spread throughout greater Houston, while demonstrating regulatory compliance — primarily with HIPAA and <a href="/directory/health-information-technology-economic-and-clinical-health-hitech-act" target="_blank" class="directory-item-link">HITECH</a>. With the Courion identity and access management suite, Memorial Hermann is now able to perform timely user attestations, streamline compliance, increase operational efficiency and strengthen security.
October 8, 2012
Resource
sites/default/files/resource-media/pdf/casestudy_mhhs_courion.pdf
Protect
The 83rd Annual AHIMA Convention & Exhibit took place this week in Salt Lake City, Utah. The official AHIMA Resources twitter account promoted the hashtag #AHIMA11 in the weeks building up to the conference, in hopes that attendees would share personal experiences, tweet live events and enjoy the networking affairs. Here is a twitter recap of those who chose to do so.
October 7, 2011
Blog
At BIDMC, I oversee 10,600 desktops and 2000 laptops. They are all locked down with System Center Configuration Manager 2007 and McAfee ePolicy Orchestrator.
October 4, 2011
Blog
HHS announced the publication of a new proposed rule titled: CLIA Program and HIPAA Privacy Rule; Patients’ Access to Test Reports.
September 30, 2011
Blog
I get lots of questions about HIPAA security these days; especially as EHR firms, hospitals, payers, and startups alike are being asked about their HIPAA policies. My general recommendation is that you should forget about HIPAA at first.
September 20, 2011
Blog
When Dr. Farzad Mostashari, the national coordinator for health information technology, addresses more than 4,700 healthcare professionals at the Allscripts Client Experience in Nashville on Monday morning, Aug. 29, he’s likely to discuss one of the most exciting developments in healthcare today – and perhaps surprisingly, it won’t be the meaningful use of electronic health records.
August 28, 2011
Blog
I've been thinking about the Strategic Health IT Advance Research Projects (SHARP) Program lately and plan to give an update soon on some of the progress being made.
August 26, 2011
Blog
A little over a month ago, I asked our Healthcare IT News social media followers if they believed a nation-wide transition to EHRs for doctors would lower healthcare costs. From Twitter to Facebook, there was a wide range of opinions.
August 11, 2011
Blog
I read a post earlier today talking about concerns of a healthcare organization that would be sharing its data with its patients. One of the concerns was that sharing the data (with a competitor) would make it easier for the patient to get care elsewhere.
July 26, 2011
Blog
I finally made it to Redwood MedNet Health Information Exchange Conference and share my learnings and thoughts below.
July 19, 2011
Blog
Personal health information and the lack of security surrounding it has caused quite a bit of buzz lately.
July 13, 2011
Blog
Remember in high school how it didn’t take long for a rumor or juicy piece of gossip to run rampant through the halls and spread faster than a wildfire fueled by 80 MPH winds? Well, social media is the new word of mouth.
July 13, 2011
Blog
How comprehensive can the information in an EHR be before patients grow concerned for their privacy? Do doctors using EHRs run the risk of missing the meat on the bones -- the details?
July 8, 2011
Blog