Loading
Yesterday’s HIT Policy Committee Privacy & Security Tiger Team meeting explored the next steps in its query/response Scenario 3 and evaluated the public comments it has received so far on the topic of Stage 3 Meaningful Use privacy and security more »
The Privacy and Security Tiger Team met yesterday to finalize its next round of query and response discussions for Health Information Exchange (HIE) and came away closer to having recommendations prepared for the April HIT Policy Committee meeting. The team more »
NEW ORLEANS — While identity federation may be on the back burner for some healthcare organizations, Jennifer Nowell, Director of Symantec’s Federal Healthcare and Government division, said at HIMSS13 that she believes it will play a large role in the more »
The Privacy & Security Tiger Team met yesterday to further discuss query and response scenarios for Health Information Exchange (HIE). The Tiger Team made it clear that it does not plan to alter the rules that vest providers with the more »
The ability to extend an environment into the cloud has become a hot conversation topic among many healthcare IT professionals. Cloud-based applications, portals and information points are all good reasons to somehow connect the user environment to the cloud presence. more »
Learning how healthcare organizations employ identity access management (IAM) products in unison with their currently security architecture helps give insight to what methods security professionals are using to authenticate and provision and de-provision users. The idea is that IAM products more »
Each type of cloud computing delivery model – Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) – presents different types of challenges for healthcare organizations trying to protect data privacy and authenticate more »
Those who have paid attention to the Health IT Policy and Privacy and Security Tiger Team meetings over the past few months know that the healthcare industry is still in the early stages of formulating health data exchange security standards. more »
During yesterday’s Health IT Policy Committee and HIT Standards Committee meeting, MedAllies’ A. John Blair, MD, offered testimony on the divergent views in analyzing two-factor authentication for EHR security. Blair argued that clinical productivity needs to be strongly considered when more »
Evaluating authentication methods presents a unique set of challenges for healthcare organizations. Multi-factor authentication adoption is becoming more frequent because BYOD and cloud data storage are gaining prominence. Furthermore, it will be included in HIPAA and HITECH (Phase 3) best more »
The Office of the National Coordinator for Health Information Technology’s (ONC) Privacy & Security Tiger Team had a few lingering health data exchange security recommendations and comments to discuss heading into today’s meeting and was able to come to a few more »
For some healthcare organizations, just having a strong understanding of the different security technologies and approaches other industries have taken can be a great first step toward better securing patient data. Once organizations know the currently-available technologies and see what’s more »
Regulations and compliance metrics have always been a bit of a heavy weight on IT. The rapid pace of progress is mainly slowed by the bureaucracy trying to protect both the organization and the customer. This holds especially true for more »
Back in September 2012, the Health IT Policy Committee (HITPC) recommended that EHRs have the ability to accept two factor (or higher) authentication for healthcare providers to remotely access protected health information (PHI) in Stage 3 Meaningful Use. Recommendations included more »
In November 2012 paper on the subject of big data security and privacy concerns, the Cloud Security Alliance laid out the top-ten challenges for the IT industry will face as more and more data are gathered in the cloud. Of more »
Health information exchange (HIE) raises the stakes for health IT professionals and providers as more and more patient data come into play. Although still early in its development, HIE is coming to require the healthcare industry to consider what effect more »
The HIT Policy Committee’s Privacy & Security Tiger Team met today to discuss policy implications of query/response for health information exchange (HIE). Prior to Friday’s Privacy & Security Workgroup meeting, the Tiger Team focused on these tasks in its first more »
The U.S. Postal Service is serving as the test subject for initial government efforts to let federal agencies use third-party ID credentials using standards such as OpenID to decentralize authentication for online services, including Google and PayPal. Though this federal more »
The Department of Health and Human Services (HHS) recently released its 11 steps for securing health mobile data called Mobile Devices: Know the RISKS. Take the STEPS. PROTECT and SECURE Health Information. From some obvious reminders, such as user authentication more »
In its final meeting of 2012, the Office of the National Coordinator for Health Information Technology (ONC) Privacy and Security Tiger Team outlined plans for early 2013 and answered lingering questions regarding previous recommendations. The Tiger Team had presented these recommendations more »
John D. Halamka, MD and CIO of Beth Israel Deaconess Medical Center (BIDMC), wrote recently about the conflicts that can arise when changing user passwords in healthcare organizations. Halamka asked about healthcare provider experiences and thoughts on how to approach more »
2012 is nearing its end, but 2013 will present new challenges for healthcare IT security officers and IT managers. HealthITSecurity.com had a chance to speak with Keith Ashpole, Security Specialist at Via Christi Health in Kansas and Joel Loflin, IT more »
John D. Halamka, MD and CIO of Beth Israel Deaconess Medical Center (BIDMC), published two recent blog posts detailing some unintended results of frequently changing passwords and some examples of where healthcare IT has missed the boat on other industries’ innovation. In more »
As a follow up to last Thursday’s Office of the National Coordinator for Health Information Technology (ONC) Privacy and Security Tiger Team’s meeting on patient identity proofing and authentication, it began discussions on recommendations on best practices for access to more »
Last week’s Health IT Standards Committee and Policy Committee HITSC Privacy & Security Workgroup had an opening panel that delved into some key patient identity proofing and authentication issues. In its following discussion, the Office of the National Coordinator for Health Information Technology more »
