Hospitals and other healthcare organizations need to identify data security breaches "in a much more systematic way" to help ensure the privacy of personal information. That's the advice of Lisa Gallagher, senior director for privacy and security at the Healthcare Information and Management Systems...
In 10 years as a security compliance officer, Christopher Paidhrin has seen his role broaden as information security has become an even higher priority at Southwest Washington Medical Center in Vancouver, Wash.
Today, Paidhrin is more involved in policy development. He's also pushing to improve awareness of the...
The recent news that Nexus One smartphone owners were unable to send or receive data is just a precursor to what security experts say is the next big threat to mobile phones and services - mobile malware.
According to Dr. Markus Jakobsson, a noted security expert in the field of phishing and crimeware, mobile...
The Wyoming Department of Health reports that personal information about clients and applicants for the state's Children's Health Insurance Program, known as Kid Care, was improperly appearing in Google search results.
Envelopes mailed Feb. 1 to nearly 50,000 Californians included their Social Security numbers on the mailing labels, according to the California Department of Health Care Services.
On Feb. 6, the state agency began sending notification letters to the adult day health care services beneficiaries notifying them of the...
Khalid Kark, vice president at Forrester Research, recently wrote an in-depth report on healthcare information security in which he described five key principles.
In an interview, Kark discusses each principle, including:
Take a risk-based approach and look beyond regulatory compliance, focusing instead on...
If you need one more reason to comply with the breach notification provisions of the HITECH Act, here it is: Enforcement begins February 22. After years of lax enforcement of the Health Insurance Portability and Accountability Act's privacy and security rules, HITECH spells out several tough enforcement measures,...
Some call it HIPAA on Steroids. Others simply call it HIPAA II. Technically, it's the Health Information Technology for Economic and Clinical Health Act. But however you label it, the HITECH Act spells out tougher data security requirements for all health care organizations as well as their business associates.
For physician group practices, responding to requests from patients, lawyers, insurers and others for copies of patients' medical records is a time-consuming, labor-intensive headache. But one New York practice has found that secure e-mail is a cure for that pain, as well as a remedy for other communication maladies.
The HITECH Act should be a wake-up call to physician group practices of all sizes regarding the need to take data security seriously, a consultant who advises practices stresses. And that means following the right procedures as well as using the right technologies, says Rosemarie Nelson, principal at MGMA Consulting...
The single most important step hospitals should take to comply with the HITECH Act is to retrain all employees, physicians and even volunteers on how to maintain the privacy and security of personal health information. That's the advice of Dan Rode, a regulatory expert at the American Health Information Management...
(Part four)
The tough enforcement provisions of the HITECH Act may scare some healthcare organizations into finally getting their data security act together.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
