Blog Posts Tagged with "HITECH"

65be44ae7088566069cc3bef454174a7

Lack of Basic Security Practices Results in $1.7 Million Sanction

July 02, 2012 Added by:Rebecca Herold

“This is OCR’s first HIPAA action against a state agency and we expect organizations to comply with their obligations under these rules regardless of whether they are private or public entities.” Bottom line for all organizations of all sizes: It is wise to learn from the pain of others...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

NIST: Technical Guidance for Evaluating Electronic Health Records

April 03, 2012 Added by:Infosec Island Admin

“This guidance can be a useful tool for EHR developers to demonstrate that their systems don’t lead to use errors... It will provide a way for developers and evaluators to objectively assess how easy their EHR systems are to learn and operate, while maximizing efficiency...”

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

Four Keys for Intellectual Property Protection

February 07, 2012 Added by:Jason Clark

Intellectual property includes product designs, secret formulas, and other trade knowledge. It's what organized cybercrime, state governments and hackers are all going after. Why? Mostly because of the value. One stolen manufacturing process can be worth millions...

Comments  (1)

959779642e6e758563e80b5d83150a9f

Healthcare Data Interoperability Pain

January 18, 2012 Added by:Danny Lieberman

Imagine vendor-neutral, standard middleware for EHR applications that would expose data for patients and doctors using an encrypted Atom protocol – very simple, very easy to implement, easy to secure and with very clear privacy boundaries...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Security and the Theory of Constraints

January 16, 2012 Added by:Danny Lieberman

Security management is tricky. It’s not only about technical controls and good software development practice. It’s also about management responsibility. If you remember the Theory of Constraints, there is only one thing that limits a system's (or company's) performance...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Is Healthcare IT Security on Life Support?

January 13, 2012 Added by:Rafal Los

As costs pile up from beaches, innovation suffers. Ask someone who runs a hospital network - the true cost of innovation slow-down can be counted in lives. Maybe I'm being a little dramatic, but I suspect this is closer to reality than we'd like to admit to ourselves...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Do Subpoenas Trump HIPAA or Trample Security of PHI?

January 12, 2012 Added by:Rebecca Herold

I’ve spoken to many business leaders over the years, and most have gotten serious about ensuring safeguards are in place when putting their signatures on attestations and other types of legally binding documents. So, you need to have documented procedures in place...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Medical Device Security

December 27, 2011 Added by:Danny Lieberman

A threat analysis was performed on a medical device used in intensive care units. The analysis considers the security implications of deploying the devices inside a hospital network. Different stakeholders have different security and compliance concerns and therefore different agendas...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

HIPAA Security Rule Toolkit Available from NIST

December 21, 2011 Added by:Headlines

"The NIST HIPAA Security Toolkit Application is intended to help organizations better understand the requirements of the HIPAA Security Rule, implement those requirements, and assess those implementations in their operational environment..."

Comments  (1)

16443e0c6f6e4a400fd0164b3c406170

Are Your Health Records at Risk?

December 14, 2011 Added by:Christopher Burgess

Have we now arrived at the point in obtaining medical care that in addition to looking into the medical practitioner's experience and confirming they are compliant with HIPAA, that we now must review their data handling policies before choosing a health care provider?

Comments  (0)

706d1ad00b38ceb640723d26ebbb5b77

Healthcare Data Breach Response Best Practices

October 30, 2011 Added by:Christine Arevalo

Taking a PHI inventory, establishing an Incident Response Plan, meeting patients' real needs, and looking for the positive aspects of a data breach can all reflect your culture of commitment and caring. And that's the best practice of all...

Comments  (0)

8c4834b99847b9f7c9ee94b45df086f9

HHS to Start Auditing For HIPAA Compliance

September 14, 2011 Added by:Emmett Jorgensen

Despite both HIPAA and the HiTECH Act, healthcare data breaches have been popping up regularly. A recent study found over 70% of hospitals had data breaches last year. This has generated concern over Healthcare’s adoption of security procedures and the overall effectiveness of HIPAA...

Comments  (4)

10e258c8d23d441b915c1b2333b6996a

Privacy and Security Policies: A HIPAA-HITECH Checklist

July 24, 2011 Added by:Jack Anderson

"An important component of preparing for a potential HIPAA compliance audit is to complete a walk-through to make sure privacy and security policies and procedures are practical and effective..."

Comments  (0)

16443e0c6f6e4a400fd0164b3c406170

Patient Data: The Crown Jewels

July 21, 2011 Added by:Christopher Burgess

When the first five months provides a rate of one million records a month in lost patient data, by year’s end five percent of the US population will have had their medical records compromised. We have no choice but to take action now and keep the second half of 2011 from replicating the first...

Comments  (0)

65be44ae7088566069cc3bef454174a7

UCLA Health System Pays $865K to Settle HIPAA Violations

July 10, 2011 Added by:Rebecca Herold

“Covered entities need to realize that HIPAA privacy protections are real and OCR vigorously enforces those protections. Entities will be held accountable for employees who access protected health information to satisfy their own personal curiosity..."

Comments  (0)

07c90faf3632560a12dd6e98069813f2

HIPAA: Rx For End-User Device Risks

July 06, 2011 Added by:Konrad Fellmann

Basically, if electronic PHI data is encrypted, purged, or physically destroyed before it is inadvertently disclosed, then it doesn’t count as a breach. If the information is protected in a way that it can’t be obtained by an unauthorized individual then you’re safe...

Comments  (0)

Page « < 1 - 2 - 3 - 4 > »