HITECH Compliance: 5 Critical Security Issues

Brian Lapidus of Kroll on what healthcare organizations need to do to comply with the security provisions of the HITECH Act.Many hospitals and physician groups are ramping up efforts to implement comprehensive electronic health records systems in hopes of obtaining substantial incentive payments from Medicare or Medicaid under the HITECH Act. They're also scrambling to comply with the act's various security provisions.

Kroll, a risk management company, advises these organizations to pay attention to five critical security issues. In this exclusive interview, Brian Lapidus, COO of Kroll's fraud solutions division, discusses these five issues, emphasizing:

  • Questions to ask business associates;
  • How to deploy encryption;
  • The criticality of having and testing a breach reporting plan.

Lapidus has unique frontline experience helping a wide variety of corporations and organizations safeguard against and respond to data breaches. With an extensive background in organizational development, today he sets direction for the company's continued success in identity theft discovery, investigation and restoration. Lapidus is particularly knowledgeable about the many security gaps - physical, procedural and electronic - common to many U.S. companies and organizations, as well as the criminal landscape where stolen identities are bought, sold and used. He oversees a highly-skilled team that includes veteran licensed investigators who specialize in supporting breach victims and restoring individuals' identities to pre-theft status.

He also is working with consumer organizations to help ensure responsible practices among businesses that provide identity theft-related services. Lapidus has a bachelor's degree from Washington University with concentration in psychology and business and an MBA from Vanderbilt with concentration in strategy and general management.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.