Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
While the U.S. continues digitizing its healthcare industry, a huge challenge is arising: not only securing those systems but verifying identities. With a steady stream of HIPAA-covered data breaches continuing over the past few years, some argue that current identity security approaches just aren't adequate.
March 18, 2014
News
A rural Colorado hospital has identified a virus present on its computers that collected and encrypted patient data in a hidden file system. As a result, some 5,400 patients are being mailed breach notification letters today.
March 17, 2014
News
If you're in charge of a healthcare organization's data privacy and security, listen up. You now have a new, valuable resource at your fingertips.
March 13, 2014
News
In the realm of privacy and security, heeding snooping employees and encrypting portable devices isn't enough in healthcare these days. Criminal attacks on hospitals are on a huge upward trend, with a whopping 100 percent increase just from four years ago.
March 12, 2014
News
In the first settlement of its kind, Skagit County, Washington will pay the Department of Health and Human Services $215,000 to make up for deficiencies in its HIPAA compliance program.
March 10, 2014
News
Some 168,500 people are getting HIPAA breach notification letters after unencrypted computers were stolen from a city's public health and health services departments, officials announced Thursday.
March 7, 2014
News
In a year where "compliance and enforcement is really where the action is going to be," it might help to have some advice on how to keep on the right side of patient privacy law.
March 5, 2014
News
The Care Connectivity Consortium, which links five powerhouse providers in a nationwide data exchange collaborative, added a sixth member earlier this week at HIMSS14.
February 28, 2014
News
HIPAA "has seen a lot of action lately," said Susan McAndrew, deputy director for health information privacy at the Department for Health and Human Services' Office For Civil Rights, at HIMSS14 on Monday.
February 24, 2014
News
Protecting your hospital's data is no longer just about managing the systems inside your enterprise. Changes being considered in federal privacy regulations are prompting the legal counsel at many hospitals to begin looking at the security policies of contractors and even sub-contractors.
February 24, 2014
News
Who's responsible when a medical device breaks down or is hacked -- the manufacturer who made it or the healthcare provider who's using it?
February 23, 2014
News
The findings of a new HIMSS healthcare security report have been released, and the data may surprise you.
February 20, 2014
News
As we all implement Meaningful Use stages 1, 2, and 3 from 2011-2015, we will increasingly share data among payers, providers and patients. Protecting privacy is foundational and we should only exchange data per patient preference. How will we achieve that in Massachusetts?
July 26, 2010
Blog
Privacy and security are foundational to healthcare reform. Patients will trust electronic healthcare records only if they believe their confidentiality is protected via good security.
October 7, 2009
Blog
Chilmark has not been a big fan of the National Health Information Network (NHIN) concept. It was, and in large part still is, a top heavy federal government effort to create a nationwide infrastructure to facilitate the exchange of clinical information. A high, lofty and admirable goal, but one that is far too in front of where the market is today.
October 2, 2009
Blog
In my role as vice-Chair of the HIT Standards Committee, I join many of the subcommittee calls debating the standards and implementation guidance needed to support meaningful use. Over the past few months, I've learned a great deal from the Privacy and Security Working group.
September 15, 2009
Blog
Today I led a HITSP Board meeting and we discussed the work being done in collaboration with the HIT Standards Committee.
September 9, 2009
Blog
An often times overlooked aspect to implementing an electronic health record (EHR) is the need for a solid technical infrastructure.
August 11, 2009
Blog
An often times overlooked aspect to implementing an electronic health record (EHR) is the need for a solid technical infrastructure.
August 11, 2009
Blog
A caution to readers: This post is about methods for certifying Electronic Health Record (EHR) technologies used by physicians, medical practices, and hospitals who hope to qualify for federal incentive payments under the so-called HITECH portion of the American Recovery and Reinvestment Act (ARRA).
August 4, 2009
Blog
A caution to readers: This post is about methods for certifying Electronic Health Record (EHR) technologies used by physicians, medical practices, and hospitals who hope to qualify for federal incentive payments under the so-called HITECH portion of the American Recovery and Reinvestment Act (ARRA).
August 4, 2009
Blog
At the July 21 meeting of the HIT Standards, we approved an initial set of standards for quality, clinical operations and security/privacy. Here's an update on the deliberations of the workgroups.
July 31, 2009
Blog
I participated in a personal health record (PHR) workshop yesterday hosted by the Center for Democracy and Technology (CDT). CDT's goal was to gain input from a wide array of stakeholders (an impressive collection of about 40 health care leaders with different types of expertise in PHRs) to help inform CDT's recommendations to federal agencies - HHS and the Federal Trade Commission (FTC) - and try to build some degree of consensus among key stakeholders.
May 20, 2009
Blog
I was recently asked to comment about the resources needed to comply with the Privacy Provisions in the Stimulus Bill.
April 1, 2009
Blog