Tennant: More Security Guidance Needed

The breach notification rule will drive physician practices to improve their data security, says Robert Tennant, senior policy advisor at the Medical Group Management Association in Englewood, Colo.


The breach notification rule will drive physician practices to improve their data security, says Robert Tennant, senior policy advisor at the Medical Group Management Association in Englewood, Colo.

Speaking at the Safeguarding Health Information conference in Washington, Tennant noted that the last thing a practice in a small town wants is to see their name in the newspaper because of a breach. In a panel discussion on the HIPAA security rule, Tennant offered several suggestions to federal officials:

* The Centers for Medicare and Medicaid Services several years ago wrote a seven-part series of security rule guidelines for non-technical personnel. Now, CMS should update and expand that series, and the Health and Human Services' Office for Civil Rights should write a similar series on breach notification issues.

* Federal agencies should increase public education of the breach, privacy and security rules with open door forums and conferences.

* The feds also should solicit voluntary audits of providers' information security programs with anonymous feedback reports given to the participating providers, but also using the reports to make lessons learned available to the public.

--Joseph Goedert

 

More for you

Loading data for hdm_tax_topic #reducing-cost...