The Annual HIMSS Leadership Survey is far from scientific. But the results are nevertheless eye-opening. This year's results show that 23% of responding organizations have had some sort of a security breach in the past year. And that's a big number.
Accounting for who has viewed a patient's electronic health record "is the single most difficult security requirement to figure out" in the HITECH Act. That's the conclusion of Lisa Gallagher, senior director for privacy and security at the Healthcare Information and Management Systems Society.
Hospitals should use a team approach to creating breach detection and breach notification strategies. That's the advice of Gerry Hinkley, senior partner at the law firm Pillsbury, Winthrop, Shaw and Pittman.
Hospitals preparing for a potential government audit of their HIPAA security rule compliance should "build a continual state of readiness," says David Wiseman, information security manager at Saint Luke's Health System, Kansas City, Mo.
To be fully prepared, Wiseman says hospitals should:
Conduct a HIPAA...
Sitting in an all-day security workshop at the HIMSS Conference in Atlanta Feb. 28 provided me with a good education about what's on the minds of security leaders. For example, one member of the audience said it was a "huge challenge" to ensure that when an employee is fired, their password is promptly deactivated so...
An association of healthcare CIOs has prepared a lengthy, harsh critique of proposed rules for the Medicare and Medicaid electronic health record incentive program.
The group advocates substantial revisions in the criteria for the incentives, which were created by the HITECH Act, as well as a much less aggressive...
Chief information security officers need to be able to translate technical projects into clear business terms, says Todd Fitzgerald, co-author of the book, "CISO Leadership Skills: Essential Principles for Success."
In an interview, Fitzgerald:
Describes the managerial skills that CISOs need;
Outlines how to...
The list of 36 recent major breaches of healthcare information posted on a government Web site likely represents a small fraction of the significant breaches in healthcare in recent months, security experts say.