As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules
The Boston Children's Hospital has found itself the target of multiple cyberattacks throughout the past week, reportedly with the renowned hacker group Anonymous at the center of it.
April 25, 2014
Serving notice that "covered entities and business associates must understand that mobile device security is their obligation," the HHS Office for Civil Rights has settled with two organizations for a combined $1,975,220 penalty after their unencrypted computers were stolen.
April 23, 2014
Healthcare has a few things to do differently in the privacy and security arena -- one of them being: Start taking it seriously. This according to Verizon's annual breach report.
April 22, 2014
UPMC officials say the number of employees affected by a data breach at the renowned medical center is much higher than originally reported -- rising from 322 employees first disclosed on March 6, now up to 27,000 out of a total of 62,000 employees.
April 21, 2014
The most basic security truth in 2014 is that encryption done properly -- a high enough level of encryption, proper safeguarding of the encryption key -- is the best thing an IT department can do. Sill, many industries resist encryption, and healthcare is arguably the most strident.
April 17, 2014
Security is a nightmare for all companies, but the very nature of healthcare makes it far worse. Are there ways to make security not merely viable, but even profitable?
April 16, 2014
When it comes to security threat severity, the Heartbleed bug doesn't miss a beat. That's according to Phil Lerner, chief information security officer at Beth Israel Deaconess Medical Center, who, on a scale from 1 to 10, ranks the bug a solid "high priority" at 7.5.
April 14, 2014
Some 5,100 Kaiser Permanente patients were sent HIPAA breach notification letters after a KP research computer was found to have been infected with malicious software. Officials say the computer was infected with the malware for more than two and a half years before being discovered Feb. 12.
April 7, 2014
For small- to mid-sized healthcare organizations looking for help with HIPAA security risk assessment, you now have a new tool at your fingertips.
March 28, 2014
It's not only federal HIPAA privacy and security violations that may end up costing industry groups a pretty penny. There's also state privacy laws to heed. Case in point is what recently transpired at Stanford Hospital and Clinics.
March 24, 2014
Without question, BYOD, or "bring your own device," offers benefits to both healthcare employees and employers. It also presents security issues. No matter who owns the device, hospitals are responsible for any data breaches that occur.
March 19, 2014
The 28-hospital Indian Health Service has failed a mock cyberattack conducted by HHS' Office of Inspector General after its computer network was discovered to have "high risk" vulnerabilities.
March 19, 2014
About 39% of medical offices in the U.S. have adopted <a href="/directory/electronic-medical-record-emr" target="_blank" class="directory-item-link">EMR</a> technology, according to SK&A. With Medicare and Medicaid incentive payments now available to physician practices and hospitals who make <a href="/directory/meaningful-use" target="_blank" class="directory-item-link">Meaningful Use</a> of such technology, that number is expected to rise over the next several years. But what about the practices who have not yet embarked on the journey toward EMR implementation? What’s holding them back? And where should they turn for help in managing the transition from paper-based records to electronic systems? Download this white paper to learn more about EMR implementation best practices.
April 18, 2012
The United States is undergoing a major transformation of its healthcare delivery system, driven by federal health IT investments and healthcare reforms. This content piece features information from a joint presentation at the HIMSS12 Annual Conference & Exhibition in Las Vegas in February, where Eric Dishman, General Manager of Health Strategy and Solutions at Intel Corporation, and Jason Hwang, MD, executive director of healthcare at the Innosight Institute, presented on the power of “disruptive innovation” to meet the challenges of transforming the U.S. health sector. Download this paper to read examples of how disruption health IT innovation is driving new care models across the globe.
March 29, 2012
In the first national study to examine care at critical access hospitals (CAHs) in rural areas of the U.S., Harvard School of Public Health (HSPH) researchers found that CAHs have fewer clinical capabilities, lower quality of care, and worse patient outcomes compared with other hospitals.
July 8, 2011
Being in healthcare IT, and inspired all the time by the optimism and the opportunities technology has provided us, I thought that collecting my personal health information would be a fairly simple and straightforward task. Instead, the wide range of service I was provided when simply trying to collect my medical records was quite an eye opening experience.
June 23, 2011
Topic 3 on the June 20 #HITsm Tweetchat got into discussions of who owns patient data. The moral high ground today seems to be towards "patient ownership." Reality is just a bit different, and I think the discussion of ownership is not all that useful.
June 22, 2011
If you’re reading this blog, you most likely saw the pop-up/interstitial Intel ad that asks “Is Cloud Computing Right for You?” Steve Jobs apparently thinks so.
June 7, 2011
HIPAA regulations long on the books require that covered entities provide patients with accounting of disclosures of their protected health information for any purpose other than treatment, payment or health care operations (TPO). The HITECH Act upped the ante, requiring accounting of disclosures of PHI for TPO as well.
June 2, 2011
At one time or another, you may have heard a book titled, “All I Really Need To Know I Learned in Kindergarten,” by Robert Fulghum. Robert’s lessons translate into my professional world.
May 25, 2011
It's been a bad month for the cloud.
May 16, 2011
One of the biggest ongoing debates in the HIT world is how best to protect digitized health information.
May 4, 2011
While conducting research for the long overdue and nearly completed report on Personal Health Clouds (Dossia, Google Health and HealthVault) came across a recently published report by the European Network and Information Security Agency (ENISA) addressing cloud computing security.
December 10, 2009
The concepts of “security” and “privacy” of medical information (Protected Health Information, or PHI) are closely intertwined.
September 25, 2009
When I lecture about the new generation of personal health records such as Google Health and Microsoft Healthvault, I emphasize that these applications are not covered by HIPAA.
January 4, 2009
Egypt's crisis has raised alarms about national security and economic impact for Americans if regime change leads to an anti-US government controlling a strong ally in the Middle East. This crisis raises another more personal concern for Americans that has been overlooked by the national media: The security and availability of your electronic medical records in the event of a government-imposed "kill switch" for the Internet.
February 15, 2011