Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Some 168,500 people are getting HIPAA breach notification letters after unencrypted computers were stolen from a city's public health and health services departments, officials announced Thursday.
March 7, 2014
News
In a year where "compliance and enforcement is really where the action is going to be," it might help to have some advice on how to keep on the right side of patient privacy law.
March 5, 2014
News
The Care Connectivity Consortium, which links five powerhouse providers in a nationwide data exchange collaborative, added a sixth member earlier this week at HIMSS14.
February 28, 2014
News
HIPAA "has seen a lot of action lately," said Susan McAndrew, deputy director for health information privacy at the Department for Health and Human Services' Office For Civil Rights, at HIMSS14 on Monday.
February 24, 2014
News
Protecting your hospital's data is no longer just about managing the systems inside your enterprise. Changes being considered in federal privacy regulations are prompting the legal counsel at many hospitals to begin looking at the security policies of contractors and even sub-contractors.
February 24, 2014
News
Who's responsible when a medical device breaks down or is hacked -- the manufacturer who made it or the healthcare provider who's using it?
February 23, 2014
News
The findings of a new HIMSS healthcare security report have been released, and the data may surprise you.
February 20, 2014
News
IT security is complicated, made even more so by the dynamic nature of technology and the ever challenging threat landscape. It may be best to think of IT security as a chronic illness, a condition that requires ongoing treatment, testing, and re-evaluations.
February 19, 2014
News
Onsite Occupational Health and Safety has tapped UPMC to provide second opinions and medical consultations in Afghanistan via telemedicine services.
February 19, 2014
News
Federal HIPAA violation penalties may be capped at $1.5 million per incident per year, but there's also state and regional fines for those disregarding privacy and security laws. And one health group is learning that the hard way.
February 18, 2014
News
Whether looking to draw attention to their practices, experiment with new technology or simply have a bit of fun with their otherwise dreary financial operations, several American medical professionals are now accepting bitcoins, the Web-based virtual currency, in addition to dollars.
February 18, 2014
News
To help organizations protect their data assets from the increasing number of cyber attacks, the Commerce Department's National Institute of Standards and Technology this week released a cybersecurity framework groups can use to create, assess or improve comprehensive cybersecurity programs.
February 14, 2014
News
Topic 3 on the June 20 #HITsm Tweetchat got into discussions of who owns patient data. The moral high ground today seems to be towards "patient ownership." Reality is just a bit different, and I think the discussion of ownership is not all that useful.
June 22, 2011
Blog
If you’re reading this blog, you most likely saw the pop-up/interstitial Intel ad that asks “Is Cloud Computing Right for You?” Steve Jobs apparently thinks so.
June 7, 2011
Blog
HIPAA regulations long on the books require that covered entities provide patients with accounting of disclosures of their protected health information for any purpose other than treatment, payment or health care operations (TPO). The HITECH Act upped the ante, requiring accounting of disclosures of PHI for TPO as well.
June 2, 2011
Blog
At one time or another, you may have heard a book titled, “All I Really Need To Know I Learned in Kindergarten,” by Robert Fulghum. Robert’s lessons translate into my professional world.
May 25, 2011
Blog
It's been a bad month for the cloud.
May 16, 2011
Blog
One of the biggest ongoing debates in the HIT world is how best to protect digitized health information.
May 4, 2011
Blog
While conducting research for the long overdue and nearly completed report on Personal Health Clouds (Dossia, Google Health and HealthVault) came across a recently published report by the European Network and Information Security Agency (ENISA) addressing cloud computing security.
December 10, 2009
Blog
The concepts of “security” and “privacy” of medical information (Protected Health Information, or PHI) are closely intertwined.
September 25, 2009
Blog
When I lecture about the new generation of personal health records such as Google Health and Microsoft Healthvault, I emphasize that these applications are not covered by HIPAA.
January 4, 2009
Blog
Egypt's crisis has raised alarms about national security and economic impact for Americans if regime change leads to an anti-US government controlling a strong ally in the Middle East. This crisis raises another more personal concern for Americans that has been overlooked by the national media: The security and availability of your electronic medical records in the event of a government-imposed "kill switch" for the Internet.
February 15, 2011
Blog
As we all implement Meaningful Use stages 1, 2, and 3 from 2011-2015, we will increasingly share data among payers, providers and patients. Protecting privacy is foundational and we should only exchange data per patient preference. How will we achieve that in Massachusetts?
July 26, 2010
Blog
Privacy and security are foundational to healthcare reform. Patients will trust electronic healthcare records only if they believe their confidentiality is protected via good security.
October 7, 2009
Blog