Loading
A healthcare chief information officer (CIO) saying that he expects to experience a health data breach is not only unusual, but may produce shock and awe in some parts of the healthcare industry. However, having this type of outlook, regardless more »
In a recent guest post on John Halamka’s blog, Fabienne Bourgeois, MD, of Children’s Hospital Boston analyzed some privacy concerns and roadblocks for adolescent personal health record (PHR) interactions while detailing Children’s approach to patient portals. The subject of patient privacy and more »
Pitting public health and well-being against patient confidentiality is nothing new in the healthcare industry and won’t die down anytime soon, but the ongoing debate has been magnified of late in Boston. The Boston Public Health Commission recently received criticism more »
BOSTON – One thing that many healthcare industry experts seemed to agree on at the the Institute for Health Technology Transformation (iHT2) Health IT Summit in Boston today was that there shouldn’t be absolutes in the privacy and security conversation. more »
BOSTON – Healthcare organizations are undoubtedly moving toward using large data sets to learn more about patients and become more efficient in patient care. Many are part of health information exchanges (HIEs) or accountable care organizations (ACOs) as part of more »
National Institute of Standards and Technology (NIST) released its Special Publication 800-53 Revision 4, titled Security and Privacy Controls for Federal Information Systems and Organizations, in April and some of the content included is pertinent to healthcare organizations. NIST’s collection more »
One of the core issues for health data breach victims over the past few years has been the refrain that the incident was an anomaly and won’t happen again. Viewing a breach as a rogue incident would exacerbate the problem more »
Yesterday’s HIT Policy Committee Privacy & Security Tiger Team meeting explored the next steps in its query/response Scenario 3 and evaluated the public comments it has received so far on the topic of Stage 3 Meaningful Use privacy and security more »
The move away from stationary toward ubiquitous computing (i.e., desktop to mobile) is leading many healthcare organizations to adopt a new approach to safeguarding the protected health information (PHI). This reality only serves to exacerbate a reality in health IT: more »
The Food and Drug Administration Safety Innovation Act (FDASIA) Workgroup came together for the first time during yesterday’s HIT Policy Committee meeting to discuss health IT risks that affect patient safety. FDASIA will be responsible for offering expert input on more »
The process of sharing protected health information (PHI) is wrought with many challenges. Entities covered under HIPAA and its recent update in the omnibus rule have the legal responsibility to safeguard PHI by putting the right policies, procedures, and agreements more »
The healthcare world is becoming ever more reliant on IT and data center infrastructures. With any new type of technological advancement, the security conversation is always nearby. The reality is simple – the greater the reliance on a certain type more »
A new case study published by the Commonwealth Fund demonstrates how the Colorado Beacon Consortium (CBC), one of the 17 communities selected by the Office of the National Coordinator for Health Information Technology (ONC) through its Beacon Community Program, handles more »
A recent whitepaper sent out by Senators John Thune (R-S.D.), Lamar Alexander (R-Tenn.), Pat Roberts (R-Kan.), Richard Burr (R-N.C.), Tom Coburn (R-Okla.), and Mike Enzi (R-Wyo.) condemned the way the Health Information Technology and Economic and Clinical Health (HITECH) Act’s more »
The Health Information Trust Alliance (HITRUST) is telling healthcare organizations that they are still able to submit their recommendations to the HITRUST Cybersecurity Working Group in relation to the HITRUST Common Security Framework (CSF). But there is also more immediate more »
Following a House panel approving the Federal Information Security Management Act (FISMA) and sending it to the House of Representatives in March, the House passed the bill (a 416-0 vote) to revise the 2002 version of the Act on April more »
Senators John Thune (R-S.D.), Lamar Alexander (R-Tenn.), Pat Roberts (R-Kan.), Richard Burr (R-N.C.), Tom Coburn (R-Okla.), and Mike Enzi (R-Wyo.) want a healthcare IT do-over in the U.S. The group released a white paper titled REBOOT: Re-examining the Strategies Needed more »
There are many reasons for concern when it comes to healthcare data security, such as data breach volume or stringent government regulations, but finding qualified IT personnel has long been an issue for healthcare organizations. A recent Towers Watson study, more »
Digital certificate management can sometimes fall under the radar when discussing healthcare data security because of other security concerns. But make no mistake, internal security threats are a serious concern that bears watching and it’s important that security personnel prevent more »
With the increase in security threats, breaches and malicious activities, healthcare organizations are trying harder than ever to secure their environments. This means placing devices inside and even outside of their networks. In some cases, this level of security still isn’t enough. more »
The second annual Healthcare Information Security Today survey revealed six emerging healthcare security trends. It hit on all of the key healthcare security pain points for professionals and showed how organizations are dealing with new HIPAA rules and what they’re more »
The next step of the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) plans will go into effect today as it officially announces the vendors it will be working with to develop cybersecurity technology. NIST is more »
Richard Faircloth has brought a class action lawsuit against Adventist Health System/Sunbelt, Inc. for violating the privacy rights of other patients at the Florida hospital, according to court documents acquired by Law360. Faircloth, a former patient of the hospital, filed more »
In a proposed rule similar to another presented by the Centers for Medicare & Medicaid Services (CMS), the Office of the Inspector General (OIG) is proposing to extend the exception for donors of electronic health record (EHR) systems (i.e., safe more »
How healthcare providers and vendors that are part of a health information exchange (HIE) should be segmenting and securing sensitive information, such as mental health data, sexually transmitted disease (STD) information or drug/alcohol abuse history, remains somewhat ambiguous for many more »
