New York-Presbyterian Hospital has developed a breach response checklist that others should consider as they create their breach resolution game plans.
One key reason why encryption isn't more widely used in healthcare is that some information technology specialists have outdated perceptions about the technology, contends security expert Melodi Mosely Gates.
A new, free HIPAA Security Rule Toolkit is designed to help healthcare organizations conduct a thorough risk assessment, says Kevin Stine, who helped guide the project for the National Institute of Standards and Technology.
The emerging trend of class action lawsuits filed in the wake of major health information breach incidents offers one more incentive to boost breach prevention efforts.
Hospitals and physicians that qualify for Stage 1 of the HITECH Act electronic health record incentive program this year will have extra time to comply with Stage 2 requirements, which are expected to include tougher privacy and security guidelines.
Accountable Care Organizations that will be formed to coordinate treatment of some Medicare patients must make HIPAA compliance, including risk assessments, a top priority, says security expert Rebecca Herold.
The National Institute of Standards and Technology is offering a free online HIPAA Security Rule Toolkit, a self-assessment tool that's designed to help healthcare organizations and their business associates comply with the rule.
In addition to the negative publicity associated with being included on the federal tally of major health information breaches, some organizations are experiencing yet another impact of breaches: class action lawsuits.
The ongoing delay in the release of final versions of HIPAA modifications and the HIPAA breach notification rule makes it more difficult for healthcare organizations to set information security investment priorities, says hospital privacy officer Kari Myrold.
Ongoing HIPAA compliance training is key to breach prevention, says Terrell Herzig of UAB Medicine. Yet many healthcare organizations are lacking in their efforts, according to results from the Healthcare Information Security Today survey.
Results from HealthcareInfoSecurity's inaugural survey show regulatory compliance being the No. 1 information security priority for the coming year. What steps should organizations start taking before regulatory audits begin?
The director of the agency that enforces HIPAA "fully expects" the government to launch a permanent HIPAA compliance audit program once a pilot is completed in 2012.
The Department of Health and Human Services should provide regularly updated, detailed guidance on all aspects of HIPAA security rule compliance, the Privacy and Security Tiger Team plans to recommend.
A lack of ongoing HIPAA compliance training increases the risk of internal breaches, says Terrell Herzig, information security officer at UAB Medicine.
Winning senior executive support for information security spending requires "a solid business case of justifications," says Christopher Paidhrin, security compliance officer at PeaceHealth Southwest Medical Center.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.