When it comes to keeping healthcare information private and secure, hospitals that focus primarily on regulatory compliance are making a huge mistake, says Sharon Finney, corporate data security officer for the 37-hospital Adventist Health System.
Widespread implementation of encryption is a top priority at Stanford Hospital and Clinics, thanks, in large part, to the "safe harbor" in the HITECH breach notification rule, says Michael Mucha, information security officer.
Shifting from desktop PCs to thin clients can provide a more secure way for clinicians to access electronic health records, says Dee Cantrell, R.N., chief information officer at Emory Healthcare in Atlanta.
In an interview, the CIO of the integrated delivery system, which is affiliated with Emory University and...
Connecticut Attorney General Richard Blumenthal has launched an investigation into an apparent breach by a radiologist who was taking information from one hospital where he formerly worked and using it to drum up business at another hospital.
An identity theft ring relied on a janitor to steal personal information from patient files at a Chicago hospital, authorities say.
As many as 250 patients were possible victims of identity theft at Northwestern Memorial Hospital in the year-long identity scam.
Using the stolen credit card and other...
Although many healthcare organizations are making broader use of encryption, they're typically taking a "wait and see" approach to encrypting their clinical databases, citing serious concerns about an adverse impact on performance.
Two consultants, however, argue that hospitals and clinics can apply encryption on...
A risk analysis should not be an annual event, but rather an ongoing process that's revisited whenever a healthcare organization adds or changes any application. That's the advice of Kenneth Bradberry, vice president and chief technology officer at ACS, a consulting firm recently acquired by Xerox.
UAB Health System in Birmingham, Ala., is tackling a long list of risk management projects, including updating intrusion detection and prevention systems.
In an interview, Terrell Herzig, HIPAA security officer, outlines priority projects and key lessons learned, including:
Expanding the use of...
Michael Frederick, chief information security officer at Baylor Healthcare System in Dallas, is using the HITRUST Common Security Framework to help ease the task of complying with multiple regulations.