Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
HIPAA "has seen a lot of action lately," said Susan McAndrew, deputy director for health information privacy at the Department for Health and Human Services' Office For Civil Rights, at HIMSS14 on Monday.
February 24, 2014
News
Protecting your hospital's data is no longer just about managing the systems inside your enterprise. Changes being considered in federal privacy regulations are prompting the legal counsel at many hospitals to begin looking at the security policies of contractors and even sub-contractors.
February 24, 2014
News
Who's responsible when a medical device breaks down or is hacked -- the manufacturer who made it or the healthcare provider who's using it?
February 23, 2014
News
The findings of a new HIMSS healthcare security report have been released, and the data may surprise you.
February 20, 2014
News
IT security is complicated, made even more so by the dynamic nature of technology and the ever challenging threat landscape. It may be best to think of IT security as a chronic illness, a condition that requires ongoing treatment, testing, and re-evaluations.
February 19, 2014
News
Onsite Occupational Health and Safety has tapped UPMC to provide second opinions and medical consultations in Afghanistan via telemedicine services.
February 19, 2014
News
Federal HIPAA violation penalties may be capped at $1.5 million per incident per year, but there's also state and regional fines for those disregarding privacy and security laws. And one health group is learning that the hard way.
February 18, 2014
News
Whether looking to draw attention to their practices, experiment with new technology or simply have a bit of fun with their otherwise dreary financial operations, several American medical professionals are now accepting bitcoins, the Web-based virtual currency, in addition to dollars.
February 18, 2014
News
To help organizations protect their data assets from the increasing number of cyber attacks, the Commerce Department's National Institute of Standards and Technology this week released a cybersecurity framework groups can use to create, assess or improve comprehensive cybersecurity programs.
February 14, 2014
News
Two Midwest health information exchanges, Tiger Institute Health Alliance and Lewis and Clark Information Exchange, are now able to share the data of 2.5 million patients across Missouri and Kansas.
February 13, 2014
News
Last month, the Identity Theft Resource Center produced a survey showing that medical-related identity theft accounted for 43 percent of all identity thefts reported in the United States in 2013. According to HHS, the theft of a computer or other electronic device is involved in more than half of medical-related security breaches.
February 11, 2014
News
When talking HIPAA privacy and security, the numbers do most of the talking.
February 6, 2014
News
Privacy and security are foundational to healthcare reform. Patients will trust electronic healthcare records only if they believe their confidentiality is protected via good security.
October 7, 2009
Blog
Chilmark has not been a big fan of the National Health Information Network (NHIN) concept. It was, and in large part still is, a top heavy federal government effort to create a nationwide infrastructure to facilitate the exchange of clinical information. A high, lofty and admirable goal, but one that is far too in front of where the market is today.
October 2, 2009
Blog
In my role as vice-Chair of the HIT Standards Committee, I join many of the subcommittee calls debating the standards and implementation guidance needed to support meaningful use. Over the past few months, I've learned a great deal from the Privacy and Security Working group.
September 15, 2009
Blog
Today I led a HITSP Board meeting and we discussed the work being done in collaboration with the HIT Standards Committee.
September 9, 2009
Blog
An often times overlooked aspect to implementing an electronic health record (EHR) is the need for a solid technical infrastructure.
August 11, 2009
Blog
An often times overlooked aspect to implementing an electronic health record (EHR) is the need for a solid technical infrastructure.
August 11, 2009
Blog
A caution to readers: This post is about methods for certifying Electronic Health Record (EHR) technologies used by physicians, medical practices, and hospitals who hope to qualify for federal incentive payments under the so-called HITECH portion of the American Recovery and Reinvestment Act (ARRA).
August 4, 2009
Blog
A caution to readers: This post is about methods for certifying Electronic Health Record (EHR) technologies used by physicians, medical practices, and hospitals who hope to qualify for federal incentive payments under the so-called HITECH portion of the American Recovery and Reinvestment Act (ARRA).
August 4, 2009
Blog
At the July 21 meeting of the HIT Standards, we approved an initial set of standards for quality, clinical operations and security/privacy. Here's an update on the deliberations of the workgroups.
July 31, 2009
Blog
I participated in a personal health record (PHR) workshop yesterday hosted by the Center for Democracy and Technology (CDT). CDT's goal was to gain input from a wide array of stakeholders (an impressive collection of about 40 health care leaders with different types of expertise in PHRs) to help inform CDT's recommendations to federal agencies - HHS and the Federal Trade Commission (FTC) - and try to build some degree of consensus among key stakeholders.
May 20, 2009
Blog
I was recently asked to comment about the resources needed to comply with the Privacy Provisions in the Stimulus Bill.
April 1, 2009
Blog
There's been a lot of talk about privacy protections, or lack thereof, in electronic health records, particularly in context of the economic stimulus proposal that includes $20 billion for health IT.
February 13, 2009
Blog