Healthcare Information Security

Cybersecurity News

Texas Healthcare Privacy, Security Focus in Recent Partnership

The Texas Health Services Authority’s new HIT compliance offering ensures healthcare privacy and security across the state.

Healthcare privacy and security aided by secure data exchange

Source: Thinkstock

By Elizabeth Snell

- Texas covered entities will now have assistance in working toward healthcare privacy and security compliance measures through a recent partnership between the Texas Health Services Authority (THSA) and Third Rock Incorporated.

THSA will utilize Third Rock’s cloud-based compliance management platform, which “streamlines and automates the privacy and security compliance process,” according to a THSA statement.

“The THSA is excited to offer health IT compliance services and we are pleased partner with Third Rock to better protect Texans’ sensitive health information,” THSA Chief Executive Officer George Gooch said in a statement. “Third Rock’s compliance tool is both effective and easy to use, which will greatly benefit smaller healthcare entities that are increasingly the targets of cyberattacks.”

The compliance platform will also help covered entities conduct privacy and security training, as well as perform security risk assessments.

Third Rock CEO Robert Felps stated that his company is happy to deliver risk assessments that will help the Texas healthcare industry.

“We’ve worked hard to bring affordable tools that simplify HIPAA compliance for small and medium healthcare practices, and THSA clearly understands the value of protecting both patients and medical practices, and that it is more important today than ever,” Felps explained.

Texas established THSA to promote, implement, and facilitate the secure electronic exchange of health information, according to the THSA website. THSA also offers HIE privacy and security certification and supporting programs.

“Many patients today receive care based on incomplete information,” the THSA website explains. “This can be as harmless to the patient as taking duplicate tests, or as serious as receiving incorrect treatment based on an incomplete medicine allergy list or inaccurate medical history.”

“HIE connectivity dramatically increases health care providers’ access to patients’ health information to ensure that patients receive the right care, from the right health care providers, at the right time.”

Information exchange can be greatly beneficial for healthcare, but data security must be considered. More states are working to ensure that innovation can be utilized in a secure way.

Toward the end of 2016, the National Governors Association (NGA) released guidance under an agreement with ONC that included potential steps to improve the flow of electronic health information within, and among states.

“The United States has experienced significant advancements in medical diagnostics and treatments for complex health problems in recent years; however, health care still lags far behind other sectors of the economy in the exchange of information to improve efficiency,” said an NGA summary. “Due to a variety of legal and market-based barriers, exchange of clinical health information between providers often does not occur, or occurs in a manner that does not allow for meaningful use of data to support optimal patient care.”

NGA added that providers need access to complete patient information to make the right decisions for patient care. Entities can also minimize repetition and errors, ensure high-quality transitions of care, and lower costs when they have the necessary data.

Behavioral health can also potentially benefit from secure health data exchange.

The California Office of Health Information Integrity (CalOHII) recently announced that its State Health Information Guidance (SHIG) will help providers better understand the data exchange process, with specific regard to substance use disorder and mental health patient records.

There is often confusion surrounding patient data privacy laws, with both providers and patients not knowing how information can be shared amongst providers.

“This guidance is timely and important to the further adoption of health information exchange,” Executive Director of San Diego Health Connect Daniel Chavez said in a June 2017 statement. “The guidance comprehensively addresses concerns and barriers regarding what can be shared and under what circumstances, while protecting patient privacy.”

The guidance is applicable to numerous healthcare groups, including but not limited to physical healthcare providers, mental healthcare providers, and substance use disorder providers.

“This guidance is a huge step towards removing regulatory uncertainty that has prevented organizations from sharing these records,” Executive Director of the California Association of Health Information Exchanges Robert Cothren explained. “Sharing mental health and substance use disorder information is a critical component of the complete picture of an individual’s health.”


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks