Obamas Cybersecurity Plan Could Preempt HIPAA
This week President Obama announced a number of new initiatives aimed and improving cybersecurity to better protect consumers. 2014 was a year that saw hackers successfully gain access to the computer systems of retailers, corporations, healthcare providers, educational institutions and even the Pentagons Twitter account was successfully hacked. Cybercriminals were able to steal and expose personal and corporate data, commit identity fraud, obtain Medicare and Medicaid services and make fraudulent insurance claims, and the threats remain for those individuals affected. The volume of electronic personal data now being stored means security breaches can easily affect many millions of individuals. Last year U.S. companies – and many healthcare organizations – were targeted by criminals and highly complex attacks exposed financial and personal consumer data on a grand scale. Home Depot hackers stole the credit card information and personal data of 56 million Americans. Hackers were able to obtain 40 million credit card numbers from Target as well as the personal information of...
Federal Advisers to Propose Legislative Changes Covering Big Data
The Health IT Policy Committee’s Privacy and Security Workgroup has been assessing a number of Big Data issues affecting the privacy and security of patients following on from two public hearings hosted by the group in December last year. The ultimate aim is for the workgroup to make a number of recommendations on policy to the Office of the National Coordinator for Health IT, and ultimately to have these recommendations incorporated into new federal DHHS policies. The public hearings allowed stakeholders to voice their concerns about the use of big data in healthcare, as well as to highlight the benefits it can bring such as improving patient care and treatment outcomes, while reducing operational costs. There is naturally a balance to be struck to ensure the benefits can be gained while privacy risks to individuals are minimized. Having gained valuable information at the hearings, the workgroup now has the task of assessing current policies and determining whether the right framework is in place to gain the all important benefits while protecting patient privacy. A number...
Lack of Mobile Device IT Support in Hospitals Frustrates Physicians
According to a recent report by Spyglass Consulting, the use of Smartphones and tablets by doctors has now risen to an estimated 96%; yet only ten percent of those physicians are willing to use their own devices to communicate or access the electronic health records of their patients. Furthermore, a lack of support from hospital IT departments negates much of the usefulness of these devices in a healthcare environment. One of the major problems comes from a lack of suitable EMR tools provided by the hospital. Many hospitals and clinics are opting for desktop virtualization tools such as those provided by Citrix, and while in theory these tools should work, in practice the system is despised by physicians because of the frequent crashes and user-unfriendly navigation. There is a lack of investment in IT infrastructure according to Spyglass MD, Gregg Malkary. He believes many hospitals that are not part of Meaningful Use are unwilling to make the necessary investments in mobile technology. Spyglass spoke with 100 doctors up to date with current technology as part of its research for...
CHIME Leader Says Healthcare Cybersecurity is Top Priority in 2015
Charles Christian, FCHIME, LCHIME, CHCIO, has the 2015 Trustees Chair at the College of Healthcare Information Management Executives (CHIME) and believes 2015 to be a year where positive changes will be made to improve cybersecurity in healthcare, although many challenges are faced. Just as new technology is being used – and exploited – by cybercriminals looking to gain access to the Protected Health Information of patients, healthcare providers can easily use technology to keep the data of their patients protected. The technology exists to prevent any external unauthorized third parties from gaining access to protected information and this must be used to ensure that data remains confidential and private. Evolving technologies are allowing greater protections to be placed on data, which can be effectively secured in motion and at rest. CHIME is committed to educating its members on new technology, how it can be used and implementing best practices to keep electronic Protected Health Information secure. Christian believes that positive patient identification and cybersecurity to be...
No Timetable for HIPAA Audits Provided by OCR Director
OCR Director Jocelyn Samuels has revealed the expected round of HIPAA audits are could still be some time off. In a Jan 13 media briefing the OCR Director refused to commit to a timescale for the next round of audits, which were originally expected to take place in the fall of 2014. The delay has previously been attributed to issues with the implementation of new technology to allow audit documents to be collected and processed. No reason was given for the continued delay to the audit program, other than the fact that the OCR still has plenty of work still to do before the audits program can be launched. The pilot audits first took place in 2012, with an initial 115 organizations assessed for compliance. KPMG conducted the audits and the procedures and protocols have needed to be revised to accommodate the changes made by the introduction of the Omnibus Final Rule in 2013. The delay gives healthcare organizations some more time to conduct risk assessments, review and revise business associate agreements and make sure all HIPAA regulations are being followed. Samuels confirmed that...



