Healthcare organizations need to improve the methods they use to objectively assess the severity of a security incident and whether it should be reported, says David Parks, a privacy officer and attorney.
The curious fact about cybersecurity legislation before Congress is that nearly everyone sees a need for it, and there's no partisan bickering, yet few people see a comprehensive federal information security bill becoming law this year.
In Cincinnati, one of the nation's oldest health information exchanges studies the best way to give patients control over their data. Meanwhile, in Washington state, pilot projects test the health record bank approach.
The Markle Foundation's "blue button" concept for enabling patients to download their records from a secure website is suitable for a wide variety of healthcare organizations, says Josh Lemieux, the foundation's director of personal health technology.