Community hospitals must become more vigilant about information security, especially as they apply for HITECH Act electronic health records incentive payments, says Chuck Christian, CIO at Good Samaritan Hospital in Vincennes, Ind.
Devising strategies for ensuring social media are not used in ways that violate patient privacy is one of the top trends for 2011, says Lisa Gallagher, senior director of privacy and security at the Healthcare Information and Management Systems Society.
A presidential council's call for creation of a universal exchange language based on XML as a way to make electronic health records systems interoperable and ease the secure exchange of data is overly simplistic and impractical, some critics say.
Healthcare privacy and security issues rose to the forefront in 2010 thanks, in large part, to the HITECH Act, which led to many new regulations as well as a public list of major health information breaches.
"The environment that started by supporting whistleblowers ... is essentially morphing into 'Gee, we as an organization need to be completely transparent, whether we want to or not,'" says Cal Slemp, managing director of Protiviti.
A recently released presidential council report, while raising important issues, oversimplifies the challenges involved in securely exchanging health information, says Joyce Sensmeier, vice president for informatics at the Healthcare Information and Management Systems Society.
Cyber criminals typically will move on to a target that is much less secure but those behind advanced persistent threats will spend months if not years trying to penetrate an IT system until they succeed, says Dmitri Alperovitch, McAfee Labs threat research vice president.