Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
Last month, the Identity Theft Resource Center produced a survey showing that medical-related identity theft accounted for 43 percent of all identity thefts reported in the United States in 2013. According to HHS, the theft of a computer or other electronic device is involved in more than half of medical-related security breaches.
February 11, 2014
News
When talking HIPAA privacy and security, the numbers do most of the talking.
February 6, 2014
News
In one of the biggest HIPAA security breaches reported, hackers accessed a server from a Texas healthcare system, compromising the protected health information of some 405,000 individuals.
February 5, 2014
News
The ONC's Health IT Policy Committee's Privacy and Security Tiger Team is calling for public comment on privacy and policy concerns surrounding patients giving access to their health information.
February 4, 2014
News
The Department of Health and Human Services has made changes to the Clinical Laboratory Improvement Amendments of 1988, giving patients and their designees direct access to laboratory test reports.
February 3, 2014
News
If you're shirking your security systems' obligations all to save a few pennies, better think again. Chances are, it will end up costing much more down the road -- a whopping $1.6 billion more.
February 3, 2014
News
A Wisconsin health insurance group has notified nearly 42,000 of its members that their protected health information may have been compromised following a HIPAA privacy breach.
January 31, 2014
News
As the electronic health record becomes "just another app," more and more providers are setting their sights on an array of complex future needs. An IDC Health Insights report sees big changes coming for care delivery in 2014 and beyond.
January 30, 2014
News
An Alberta, Canada-based medical group has come under fire this week after it announced that the health records of some 620,000 patients have been compromised in a data breach that reportedly went undisclosed for months.
January 24, 2014
News
Hackers have successfully gained access to the protected health information of thousands after hacking into an Ohio-based medical supply company's server back in March.
January 20, 2014
News
The healthcare entity that slapped the Internal Revenue Service with a class action lawsuit back in March over allegedly seizing the private medical records of 10 million Americans has now been identified. The company's founder, the subject of IRS investigation, was indicted last summer on 13 counts of tax evasion, conspiracy and filing fraudulent tax returns.
January 13, 2014
News
In my role as vice-Chair of the HIT Standards Committee, I join many of the subcommittee calls debating the standards and implementation guidance needed to support meaningful use. Over the past few months, I've learned a great deal from the Privacy and Security Working group.
September 15, 2009
Blog
Today I led a HITSP Board meeting and we discussed the work being done in collaboration with the HIT Standards Committee.
September 9, 2009
Blog
An often times overlooked aspect to implementing an electronic health record (EHR) is the need for a solid technical infrastructure.
August 11, 2009
Blog
An often times overlooked aspect to implementing an electronic health record (EHR) is the need for a solid technical infrastructure.
August 11, 2009
Blog
A caution to readers: This post is about methods for certifying Electronic Health Record (EHR) technologies used by physicians, medical practices, and hospitals who hope to qualify for federal incentive payments under the so-called HITECH portion of the American Recovery and Reinvestment Act (ARRA).
August 4, 2009
Blog
A caution to readers: This post is about methods for certifying Electronic Health Record (EHR) technologies used by physicians, medical practices, and hospitals who hope to qualify for federal incentive payments under the so-called HITECH portion of the American Recovery and Reinvestment Act (ARRA).
August 4, 2009
Blog
At the July 21 meeting of the HIT Standards, we approved an initial set of standards for quality, clinical operations and security/privacy. Here's an update on the deliberations of the workgroups.
July 31, 2009
Blog
I participated in a personal health record (PHR) workshop yesterday hosted by the Center for Democracy and Technology (CDT). CDT's goal was to gain input from a wide array of stakeholders (an impressive collection of about 40 health care leaders with different types of expertise in PHRs) to help inform CDT's recommendations to federal agencies - HHS and the Federal Trade Commission (FTC) - and try to build some degree of consensus among key stakeholders.
May 20, 2009
Blog
I was recently asked to comment about the resources needed to comply with the Privacy Provisions in the Stimulus Bill.
April 1, 2009
Blog
There's been a lot of talk about privacy protections, or lack thereof, in electronic health records, particularly in context of the economic stimulus proposal that includes $20 billion for health IT.
February 13, 2009
Blog
When I read a headline like "Privacy advocates hail stimulus bills," I immediately wonder which privacy advocates.
February 5, 2009
Blog
Transparency, in the form of a complete, patient-centered and accessible health record is a policy principle that can drive the next wave of health care innovation. Investing exclusively in institutional EHRs will further stifle efficiency, innovation and improvement.
January 29, 2009
Blog