Deven McGraw, co-chair of the Privacy and Security Tiger Team that's advising federal healthcare regulators, explains why she's frustrated by delays in rolling out new regulations to protect electronic health records and safeguard the exchange of patient information.
The bring-your-own-device trend is increasing, but work-place policies are not. ISACA's Ken Vander Wal says low employee awareness and the absence of any BYOD policy are to blame. So what can organizations do to fill their security gaps?
Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
Hospitals and physicians that qualify for Stage 1 of the HITECH Act electronic health record incentive program this year will have extra time to comply with Stage 2 requirements, which are expected to include tougher privacy and security guidelines.
A wave of security breaches serves as a catalyst for all types of organizations to assess the need for cyber insurance. Here's the story of one institution that saw the threat and took out a $10 million policy.
Unfortunately, says Ken Vander Wal, most organizations have done little to address security in their policies and procedures regarding BYOD, which is changing the ways companies address user behavior and risk.
The Centers for Medicare and Medicaid Services, which is providing billions of dollars in financial incentives for healthcare organizations to adopt electronic health records, needs an information technology upgrade of its own, according to a new report.