As more providers are using digital data, privacy and security issues have become a greater concern. Protecting confidential patient information is also a priority for IT vendors, who are interested in offering solutions that come equipped with heightened security features. The industry-wide transition to HIPAA 5010 code set comes with heightened emphasis on privacy of patient data content in provider transactions, since 5010 aims to ensure that only the "minimum necessary" personal health information required for business purposes is included in a transaction.
Privacy hindering EHR progress, say researchers
HHS proposes new privacy, security rules
Serving notice that "covered entities and business associates must understand that mobile device security is their obligation," the HHS Office for Civil Rights has settled with two organizations for a combined $1,975,220 penalty after their unencrypted computers were stolen.
April 23, 2014
Healthcare has a few things to do differently in the privacy and security arena -- one of them being: Start taking it seriously. This according to Verizon's annual breach report.
April 22, 2014
UPMC officials say the number of employees affected by a data breach at the renowned medical center is much higher than originally reported -- rising from 322 employees first disclosed on March 6, now up to 27,000 out of a total of 62,000 employees.
April 21, 2014
The most basic security truth in 2014 is that encryption done properly -- a high enough level of encryption, proper safeguarding of the encryption key -- is the best thing an IT department can do. Sill, many industries resist encryption, and healthcare is arguably the most strident.
April 17, 2014
Security is a nightmare for all companies, but the very nature of healthcare makes it far worse. Are there ways to make security not merely viable, but even profitable?
April 16, 2014
When it comes to security threat severity, the Heartbleed bug doesn't miss a beat. That's according to Phil Lerner, chief information security officer at Beth Israel Deaconess Medical Center, who, on a scale from 1 to 10, ranks the bug a solid "high priority" at 7.5.
April 14, 2014
Some 5,100 Kaiser Permanente patients were sent HIPAA breach notification letters after a KP research computer was found to have been infected with malicious software. Officials say the computer was infected with the malware for more than two and a half years before being discovered Feb. 12.
April 7, 2014
For small- to mid-sized healthcare organizations looking for help with HIPAA security risk assessment, you now have a new tool at your fingertips.
March 28, 2014
It's not only federal HIPAA privacy and security violations that may end up costing industry groups a pretty penny. There's also state privacy laws to heed. Case in point is what recently transpired at Stanford Hospital and Clinics.
March 24, 2014
Without question, BYOD, or "bring your own device," offers benefits to both healthcare employees and employers. It also presents security issues. No matter who owns the device, hospitals are responsible for any data breaches that occur.
March 19, 2014
The 28-hospital Indian Health Service has failed a mock cyberattack conducted by HHS' Office of Inspector General after its computer network was discovered to have "high risk" vulnerabilities.
March 19, 2014
While the U.S. continues digitizing its healthcare industry, a huge challenge is arising: not only securing those systems but verifying identities. With a steady stream of HIPAA-covered data breaches continuing over the past few years, some argue that current identity security approaches just aren't adequate.
March 18, 2014
There's been a lot of talk about privacy protections, or lack thereof, in electronic health records, particularly in context of the economic stimulus proposal that includes $20 billion for health IT.
February 13, 2009
When I read a headline like "Privacy advocates hail stimulus bills," I immediately wonder which privacy advocates.
February 5, 2009
Transparency, in the form of a complete, patient-centered and accessible health record is a policy principle that can drive the next wave of health care innovation. Investing exclusively in institutional EHRs will further stifle efficiency, innovation and improvement.
January 29, 2009