Hospitals and physicians that qualify for Stage 1 of the HITECH Act electronic health record incentive program this year will have extra time to comply with Stage 2 requirements, which are expected to include tougher privacy and security guidelines.
Accountable Care Organizations that will be formed to coordinate treatment of some Medicare patients must make HIPAA compliance, including risk assessments, a top priority, says security expert Rebecca Herold.
None of the agencies surveyed by GAO could precisely enumerate the number of IT security personnel they employed. In fact, estimates within agencies varied widely, based on who was reporting and analyzing employment data.
Dan Waddell of Tantus Technologies says giving back to the community is every information security professional's responsibility. And with the insurgence of cybercrime affecting all walks of life, now is the ideal time to get started.
The National Institute of Standards and Technology is offering a free online HIPAA Security Rule Toolkit, a self-assessment tool that's designed to help healthcare organizations and their business associates comply with the rule.
In addition to the negative publicity associated with being included on the federal tally of major health information breaches, some organizations are experiencing yet another impact of breaches: class action lawsuits.
Ongoing HIPAA compliance training is key to breach prevention, says Terrell Herzig of UAB Medicine. Yet many healthcare organizations are lacking in their efforts, according to results from the Healthcare Information Security Today survey.
Virtual Radiologic Professionals, LLC notified individuals about a stolen laptop taken from an employee's car. By corporate policy, the laptop's hard drive was supposed to be encrypted, but something went wrong.
The Department of Health and Human Services says more than 100,000 primary care providers have signed up through regional extension centers to adopt electronic health records. But what does this mean in the EHR big picture?
To win support for information security spending, IT security professionals need to refine how they make their case to senior executives, says Christopher Paidhrin, security compliance officer at PeaceHealth Southwest Medical Center. Here's how.
Most organizations remain uncomfortable in letting their employees use their own mobile devices to access their IT systems. Yet, in many instances, those charged with securing their enterprises' IT understand that it's just a matter of time before they must grant workers permission to employ those devices.
Results from HealthcareInfoSecurity's inaugural survey show regulatory compliance being the No. 1 information security priority for the coming year. What steps should organizations start taking before regulatory audits begin?