The Healthcare Information and Management Systems Society is asking federal regulators to be much more specific about the information security requirements within the proposed "meaningful use" rule for the electronic health record incentive payment program.
The Medical Group Management Association and the American Medical Association offer very different assessments of the proposed security provisions in the "meaningful use" rule for the federal electronic health record incentive program.
Michael Frederick, chief information security officer at Baylor Healthcare System in Dallas, is using the HITRUST Common Security Framework to help ease the task of complying with multiple regulations.
The American Hospital Association is calling on federal regulators to refine the "meaningful use" rule for the new Medicare and Medicaid electronic health records incentive program to make the security requirements more clear-cut.
The American Academy of Family Physicians has added its name to the list of organizations complaining about the proposed timeline for achieving the "meaningful use" criteria to qualify for federal EHR incentive payments.
Widespread implementation of encryption is a top priority at Stanford Hospital and Clinics, thanks, in large part, to the "safe harbor" in the HITECH breach notification rule, says Michael Mucha, information security officer.
He notes that organizations that use the proper form of encryption don't have to report...
A risk analysis should not be an annual event, but rather an ongoing process that's revisited whenever a healthcare organization adds or changes any application. That's the advice of Kenneth Bradberry, vice president and chief technology officer at ACS, a consulting firm recently acquired by Xerox.
In an interview...
The man known as "Doctor HIPAA" for his extensive work crafting and implementing the HIPAA administrative simplification rules is hot and cold when it comes to the HITECH Act. William R. Braithwaite, M.D., Ph.D., likes HITECH's funding for electronic health records. But he's not too keen on the short compliance...
Under a proposed federal rule unveiled March 2, organizations designated to certify electronic health records software will assess the applications' security functionality but not require the use of specific security standards.
Accounting for who has viewed a patient's electronic health record "is the single most difficult security requirement to figure out" in the HITECH Act. That's the conclusion of Lisa Gallagher, senior director for privacy and security at the Healthcare Information and Management Systems Society.