A federal proposal to require healthcare organizations to provide patients with access reports listing everyone who has electronically viewed their information is impractical, says Dan Rode of the American Health Information Management Association.
A hospital CIO calls for studies of how best to match patients to their records, citing the issue as critical to the success of health information exchanges.
Though IT business application functions and security-focused practices are expected to be integrated as a single process, secure configuration is the management and control of configurations for information systems to enable security and facilitate the management of information security risk.
As far as Dr. Giles Hogben of ENISA is concerned, now might be the golden opportunity for information security experts to influence the security and privacy measures that may help define Internet safety for the next decade or beyond.
Bob Russo says the long-awaited PCI guidance on tokenization should provide merchants with a baseline for standardization and best practices, and serve as a roadmap for how tokenization can complement compliance with the PCI-DSS.
Do patients really want to know the identity of every doctor, nurse, technician, intern, specialist, admin and consulting physician who ever viewed their records?
A consumer advocacy group is calling attention to a little-known fact about seven federal breach notification bills pending in Congress: They would leave certain healthcare information unprotected.
The Office of the National Coordinator for Health IT has issued an advance notice of proposed rulemaking, seeking public comment on metadata standards to support nationwide electronic health information exchange.
The Health Net Inc. breach that was believed to have affected about 2 million individuals may be larger than originally stated, according to new information from the insurer.
Federal officials should consider a major revamp of a proposal that would require healthcare organizations to provide patients with a report listing everyone who has electronically accessed their records, a former government official who helped draft the proposal says.
When economists dissected July's 0.1 point drop in overall unemployment, to 9.1 percent, they attributed the decline mostly to fewer people seeking work. But that's not the case for IT security professionals. There are few discouraged workers in the information technology occupation categories these days.
The Health IT Policy Committee has endorsed best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when viewing or downloading them, such as through a hospital's or clinic's portal.
When preparing for a potential HIPAA compliance audit, former HIPAA enforcer Adam Greene advises healthcare organizations: "Don't panic. I'm skeptical if it's possible for an organization to be 'audit-proof.' If you try to scramble and get everything in order, you may fail."
The HHS Office for Civil Rights should carefully consider comments received on its proposal to require healthcare organizations to provide patients with a complete list of everyone who has electronically viewed their information.
What Operation Shady RAT reminds us is not just how vulnerable our IT systems are, but how interconnected we are as a global society, and the fundamental role information technology plays.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.