Privacy and Security

As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.

RELATED STORIES:
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules

 
As director of health information technology policy and programs for the National Partnership for Women and Families, Mark Savage keeps a close watch on healthcare information technology, along with all other aspects of patient care.
July 5, 2014
News
The Office for Civil Rights, the HHS division responsible for enforcing HIPAA, is slated to get a new director after the official departure of Leon Rodriguez.
July 2, 2014
News
When an organization experiences a major data breach and puts out a news release, the point is to comfort people that the news isn't as bad as it sounds. But at the same time, it's critical to be precise with language -- lest that organization be compelled to subsequently issue the dreaded, "What we actually meant to say in Monday's statement…" statement.
July 1, 2014
News
Call it big data bloodlust: The more health information being generated by a growing contingency of apps, devices, electronic health records, mHealth sensors and wearables, the broader and stronger the desire for that data becomes.
June 30, 2014
News
In one of the largest HIPAA breaches ever reported, the Montana Department of Public Health and Human Services is notifying some 1.3 million people after hackers gained unfettered access to an agency server for nearly a year before being discovered.
June 25, 2014
News
More than 60 percent of all industries worldwide embrace BYOD, says Mac McMillan, CEO of the information security company CynergisTek and chairman of the HIMSS Privacy and Security Task Force. In healthcare, that number stands at around 85 percent, with 92 percent of that number saying personal mobile devices are in use multiple times every day.
June 25, 2014
News
As myriad healthcare organizations have attested, the aftermath of a HIPAA violation generally isn't a pretty sight, especially when it comes to one's bank account. One Indiana-based health system has witnessed this reality after being slapped with an $800,000 settlement for violating the HIPAA Privacy Rule.
June 24, 2014
News
The U.S. Department of Health & Human Services has launched a federal probe into HIPAA privacy violations at the University of Cincinnati Medical Center, according to an HHS spokesperson.
June 24, 2014
News
Data attacks on healthcare organizations have increased a whopping 100 percent from just four years ago, a reality that has chief security and information officers in a dash to stay ahead of the data protection curve.
June 23, 2014
News
In one of her first orders of business as new Health and Human Services Secretary, Sylvia Mathews Burwell has made management changes aimed at ensuring that HealthCare.gov is robust enough to handle the upcoming open enrollment period.
June 23, 2014
News
Some 90 percent of healthcare organizations have reported at least one data breach in the past two years, with more than a third seeing more than five breaches. Gerry Hinkley, partner at Pillsbury Winthrop Shaw Pittman's healthcare practice, says breach response is where many make major missteps, mistakes that can easily be avoided.
June 20, 2014
News
More than 20,000 patients seen at a San Diego hospital are getting HIPAA breach notification letters after employees on two separate occasions emailed protected health information to job applicants by mistake. One incident occurred nearly two years ago.
June 19, 2014
News
I participated in a personal health record (PHR) workshop yesterday hosted by the Center for Democracy and Technology (CDT). CDT's goal was to gain input from a wide array of stakeholders (an impressive collection of about 40 health care leaders with different types of expertise in PHRs) to help inform CDT's recommendations to federal agencies - HHS and the Federal Trade Commission (FTC) - and try to build some degree of consensus among key stakeholders.
May 20, 2009
Blog
I was recently asked to comment about the resources needed to comply with the Privacy Provisions in the Stimulus Bill.
April 1, 2009
Blog
There's been a lot of talk about privacy protections, or lack thereof, in electronic health records, particularly in context of the economic stimulus proposal that includes $20 billion for health IT.
February 13, 2009
Blog
When I read a headline like "Privacy advocates hail stimulus bills," I immediately wonder which privacy advocates.
February 5, 2009
Blog
Transparency, in the form of a complete, patient-centered and accessible health record is a policy principle that can drive the next wave of health care innovation. Investing exclusively in institutional EHRs will further stifle efficiency, innovation and improvement.
January 29, 2009
Blog