Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
HIPAA "has seen a lot of action lately," said Susan McAndrew, deputy director for health information privacy at the Department for Health and Human Services' Office For Civil Rights, at HIMSS14 on Monday.
February 24, 2014
News
Protecting your hospital's data is no longer just about managing the systems inside your enterprise. Changes being considered in federal privacy regulations are prompting the legal counsel at many hospitals to begin looking at the security policies of contractors and even sub-contractors.
February 24, 2014
News
Who's responsible when a medical device breaks down or is hacked -- the manufacturer who made it or the healthcare provider who's using it?
February 23, 2014
News
The findings of a new HIMSS healthcare security report have been released, and the data may surprise you.
February 20, 2014
News
IT security is complicated, made even more so by the dynamic nature of technology and the ever challenging threat landscape. It may be best to think of IT security as a chronic illness, a condition that requires ongoing treatment, testing, and re-evaluations.
February 19, 2014
News
Onsite Occupational Health and Safety has tapped UPMC to provide second opinions and medical consultations in Afghanistan via telemedicine services.
February 19, 2014
News
Federal HIPAA violation penalties may be capped at $1.5 million per incident per year, but there's also state and regional fines for those disregarding privacy and security laws. And one health group is learning that the hard way.
February 18, 2014
News
Whether looking to draw attention to their practices, experiment with new technology or simply have a bit of fun with their otherwise dreary financial operations, several American medical professionals are now accepting bitcoins, the Web-based virtual currency, in addition to dollars.
February 18, 2014
News
To help organizations protect their data assets from the increasing number of cyber attacks, the Commerce Department's National Institute of Standards and Technology this week released a cybersecurity framework groups can use to create, assess or improve comprehensive cybersecurity programs.
February 14, 2014
News
Two Midwest health information exchanges, Tiger Institute Health Alliance and Lewis and Clark Information Exchange, are now able to share the data of 2.5 million patients across Missouri and Kansas.
February 13, 2014
News
Last month, the Identity Theft Resource Center produced a survey showing that medical-related identity theft accounted for 43 percent of all identity thefts reported in the United States in 2013. According to HHS, the theft of a computer or other electronic device is involved in more than half of medical-related security breaches.
February 11, 2014
News
When talking HIPAA privacy and security, the numbers do most of the talking.
February 6, 2014
News
If you’re reading this blog, you most likely saw the pop-up/interstitial Intel ad that asks “Is Cloud Computing Right for You?” Steve Jobs apparently thinks so.
June 7, 2011
Blog
HIPAA regulations long on the books require that covered entities provide patients with accounting of disclosures of their protected health information for any purpose other than treatment, payment or health care operations (TPO). The HITECH Act upped the ante, requiring accounting of disclosures of PHI for TPO as well.
June 2, 2011
Blog
At one time or another, you may have heard a book titled, “All I Really Need To Know I Learned in Kindergarten,” by Robert Fulghum. Robert’s lessons translate into my professional world.
May 25, 2011
Blog
It's been a bad month for the cloud.
May 16, 2011
Blog
One of the biggest ongoing debates in the HIT world is how best to protect digitized health information.
May 4, 2011
Blog
While conducting research for the long overdue and nearly completed report on Personal Health Clouds (Dossia, Google Health and HealthVault) came across a recently published report by the European Network and Information Security Agency (ENISA) addressing cloud computing security.
December 10, 2009
Blog
The concepts of “security” and “privacy” of medical information (Protected Health Information, or PHI) are closely intertwined.
September 25, 2009
Blog
When I lecture about the new generation of personal health records such as Google Health and Microsoft Healthvault, I emphasize that these applications are not covered by HIPAA.
January 4, 2009
Blog
Egypt's crisis has raised alarms about national security and economic impact for Americans if regime change leads to an anti-US government controlling a strong ally in the Middle East. This crisis raises another more personal concern for Americans that has been overlooked by the national media: The security and availability of your electronic medical records in the event of a government-imposed "kill switch" for the Internet.
February 15, 2011
Blog
As we all implement Meaningful Use stages 1, 2, and 3 from 2011-2015, we will increasingly share data among payers, providers and patients. Protecting privacy is foundational and we should only exchange data per patient preference. How will we achieve that in Massachusetts?
July 26, 2010
Blog
Privacy and security are foundational to healthcare reform. Patients will trust electronic healthcare records only if they believe their confidentiality is protected via good security.
October 7, 2009
Blog
Chilmark has not been a big fan of the National Health Information Network (NHIN) concept. It was, and in large part still is, a top heavy federal government effort to create a nationwide infrastructure to facilitate the exchange of clinical information. A high, lofty and admirable goal, but one that is far too in front of where the market is today.
October 2, 2009
Blog