With increasing federal scrutiny of health care data breaches, maintaining a secure network and clinical infrastructure is crucial for both payers and providers. Topics here include: data breaches, data encryption and other security techniques, access and authentication issues, and regulatory requirements.
While the growth of Internet-connected medical devices and wearable fitness products can potentially improve health outcomes, the technology also raises serious privacy and security concerns that could undermine consumer confidence.
Congress held its first hearing on President Obamas proposal for a national breach notification standard on January 27. Testimony primarily from retail and technology trade associations supported much of the plan, but support was lacking for the provision to notify individuals within 30 days of discovering a breach.
New York Attorney General Eric Schneiderman is asking state lawmakers to significantly enhance consumer data security laws.
Patch managementidentifying known vulnerabilities in information systems and fixing them with specific patches from vendorsis an obvious component of a healthcare information security strategy.
But is patch management a regularly scheduled component of the strategy?
The Electronic Frontier Foundation, a technology policy advocacy group, says it has confirmed that the federal government's healthcare.gov insurance exchange site is sharing personal data, including ZIP code, income level, smoking status, pregnancy status, and more, with at least 14 third parties.
President Obamas proposed legislative language to improve the nations cybersecurity does not require companies to harden their information networks.
Legislative language the White House has sent to Congress for consideration is an attempt to set the ground rules for making it easier for industries across the nation to share cyber threat information.
Two years ago, Beaufort (S.C.) Memorial Hospital became a beta site for new secure text messaging software, called Cortext, which was being developed by user authentication and access management software vendor Imprivata. Beaufort now has about 350 users of the secure messaging software, which was implemented with no capital investment absent a little time for engineering assistance from the vendor.
Proposed legislation the White House is sending to Congress to fight cyber attacks includes more protections for consumers than new requirements on companies to better protect the data that they hold. But one of the new requirements would appear to compel a major change in the HIPAA breach notification rule.
The HHS Office for Civil Rights continues to develop its random HIPAA security audit program, and anticipates implementing it expeditiously, OCR Director Jocelyn Samuels said during a discussion with reporters on Jan. 13. But she wont say if the long-delayed program will start this year.
President Barack Obama on Tuesday sought to rally Congress to pass stalled U.S. cybersecurity legislation, an effort that may face obstacles as tensions with key Republicans quickly began to surface.
The University of Montana will host the nation's first rural medicine hackathon in Missoula in March.
Although much attention has been given to the benefits of electronic health records, EHRs pose serious challenges regarding the privacy of sensitive health information for minor adolescents and parents.
Patients scheduled for routine surgeries often overestimate their risk of dying from the procedure, sometimes resulting in unnecessary anxiety and delayed procedures. Better education, including use of a risk calculator, could reduce some of these fears.
Over the past couple of years, the healthcare industry has seen significant growth in the adoption and use of electronic prescribing (e-prescribing) for controlled substances.