About a dozen privacy controls are expected to be added to the next revision of NIST's security controls' guidance, SP 800-53, says NIST Senior Computer Scientist Ron Ross says.
Associations representing clinic administrators, healthcare CIOs and health information managers are asking federal regulators to go back to the drawing board on the access report provision of a proposed Accounting of Disclosures rule.
The Privacy and Security Tiger Team is spelling out best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when downloading them from a hospital or a clinic.
It is no longer enough for information security professionals to secure critical information. They also need to be asking about the legitimacy of where this information comes from, says John Colley, managing director of (ISC)2 in EMEA.
NIST's Ron Ross points out that its seminal security control guidance, Special Publication 800-53, contains only one privacy control, requiring agencies to conduct a privacy impact assessment. That will change by year's end.
A new consumer survey suggests healthcare organizations still have a long way to go in educating patients about the benefits of electronic health records and easing their concerns about security issues.
A new concept called Privacy by Redesign, by Dr. Ann Cavoukian, Privacy Commissioner of Ontario, Canada, looks to bring privacy into systems that are already developed.
"Privacy and security controls ... are complementary and mutually reinforcing in trying to achieve the privacy and security objectives of organizations," NIST Senior Computer Scientist Ron Ross says.
The Department of Veterans Affairs is offering a $50,000 prize to a developer who successfully demonstrates the expansion of the use of the "Blue Button" application to enable veterans to download their patient information from providers outside the VA.
A revised, downsized plan to launch a national database of certain federal healthcare claims data is being implemented despite ongoing concerns from privacy advocates.
The Department of Health and Human Services has published a proposed rule that describes privacy, security and many other standards for web-based state insurance exchanges called for under the healthcare reform law.
The threat of a HIPAA compliance audit could prove to be a powerful incentive for healthcare organizations to take adequate precautions to safeguard patient information.
More organizations that run health information exchanges are offering patients the opportunity to provide more specific levels of consent for the exchange of their records, a new survey by the advocacy group eHealth Initiative shows.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.