Healthcare Information Security

Patient Privacy

Tiger Team closes in on behavioral health privacy recommendations

by Patrick Ouellette

As Cris Ewell, Seattle Children’s CISO, referenced in a recent interview with, there can be many layers of consent and technology issues when it comes to exchanging behavioral health data. One layer the Health IT Policy...

PCAST: Update health privacy frameworks for big data usage

by Patrick Ouellette

Will current privacy and security frameworks scale to the healthcare industry’s needs in the future? According to a recent President’s Council of Advisors on Science and Technology (PCAST) report, the modernization of the healthcare...

Privacy and Security Tiger Team gets behavioral health feedback

by Patrick Ouellette

The Health IT Policy Committee Privacy and Security Tiger Team engaged in further discussion on Monday around the Data Segmentation for Privacy (DS4P) as it relates to patient authorization within federally assisted substance abuse treatment...

Patient perspective on eHealth, mobile privacy and security

by Patrick Ouellette

According to recently-released results from a Ponemon Institute and Experian Data Breach Resolution report, there are still eHealth services and mobile application privacy and security questions among consumers and patients. The report, titled...

New Jersey explores health big data potential, privacy risks

by Patrick Ouellette

As different states explore the benefits of big data and healthcare IT analytics, the element of patient privacy is invariably raised as a concern. The most recent instance where the complex innovation v. privacy debate arose was at the “Big...

Security Industry Association releases new Privacy Framework

by Patrick Ouellette

Not that the healthcare industry is in dire need of security frameworks to reference in forming an IT security plan, as NIST recently released its voluntary framework, but the Security Industry Association (SIA) recently released its updated...

St. Peter’s University Hospital uses patient identity matching

by Nicole Freeman

Saint Peter’s University Hospital in New Brunswick, New Jersey has signed a three-year contract with Malta Systems to fully-implement the technology company’s Privasent system. The hospital began a pilot program with the patient identity...

Should big data research override patient privacy needs?

by Patrick Ouellette

Making the most out of healthcare big data sets to improve patient care by spotting disease and other types of healthcare trends is undoubtedly viewed as a critical part of healthcare IT innovation. Google co-founder Larry Page was the latest...

Calculating mental health data exposure ramifications

by Patrick Ouellette

When discussing patient privacy, mental and behavioral health records have a higher standard of care because of the sensitive nature of the information. Mental health patients have the subjective right to decide what is and isn’t available...

What does UCLA HIV study mean for social media privacy?

by Patrick Ouellette

Social media is starting to be recognized as a valuable tool for predictive analytics in healthcare, but what are the potential privacy effects among users? A recent UCLA Medicine study that was published in peer-reviewed journal Preventive Medicine...

Middlesex Hospital uses Splunk software for HIPAA compliance

by Nicole Freeman

Middlesex Hospital, a HIMSS Stage 6 hospital, is using Splunk Inc. real-time operational intelligence software to meet HIPAA and HITECH standards throughout its hospital IT network and to secure its electronic healthcare records (EHR). The...

HIMSS14 session preview: Patient privacy trends

by Nicole Freeman

Protecting patient data should be a high priority for all healthcare providers, and the government continues to create policy regarding the protection and access of protected health information (PHI). The Department of Health and Human Services...

HIMSS14 session preview: Privacy and compliance practices

by Nicole Freeman

Healthcare organizations are consistently reminded of their need to protect patient privacy and data, and HIPAA compliance is a requirement for all providers and their business associates (BAs). For healthcare systems, however, there is also...

HIMSS14 session preview: Coordinating ACO privacy & security

by Nicole Freeman

Accountable care organizations (ACOs) are being formed in different sizes across the country in an effort to improve patient access to care, the quality of care received, increase affordability, and, in some cases, switch to a value-based reimbursement...

Patient VDT portal authentication: Privacy considerations

by Patrick Ouellette

The Privacy and Security Tiger Team continued its discussion of access to View/Download/Transmit portals by friends, family members and personal representatives during its meeting on Monday, February 10. But before the Tiger Team was able to...

HIPAA requires providers using Skype to have BAAs

by Nicole Freeman

As expanding technology gives doctors new ways to contact patients and share their information HIPAA compliance questions continually pop up. Do the products being used protect patient data? Are additional safeguards required to comply with HIPAA?...

HIPAA self-payment option complicates patient privacy

by Patrick Ouellette

On the surface, the provision in the HIPAA Omnibus Rule that allows a patient to prevent a provider from reporting information to a health insurer if the patient pays in full may sound relatively straightforward. But this section of the Final...

FDNY privacy notice raises concern for data sale

by Nicole Freeman

The Fire Department City of New York (FDNY) has issued a patient privacy notice that states a patient’s protected health information (PHI) may be used for marketing or fundraising and potentially sold, according to a report from the New York...

Valley Hospital uses remote IT support to augment security

by Patrick Ouellette

In an ideal world, healthcare IT users would be able to walk down the hall and discuss any sort of clinical, technical or compliance issues with their organization’s on-site staff. But because many big healthcare networks span across many...

Patient provider changes: Data privacy, access considerations

by Patrick Ouellette

Transferring patient records between providers creates a litany of pressing issues, not the least of which is ensuring the records remain private while retaining accessibility for clinical staff. WCPO recently reported on the difficult position...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks