Protecting PHI

Date: May 18, 2012
How hard is it to avoid a data breach? Read »

Provider associates need security plans, too

Date: May 15, 2012
So you’ve been working hard to firm up your IT security protocols and systems, and you’re feeling good about the progress you’ve made. Read »

Security study points to “checklist” mentality

Date: Apr 27, 2012
A new survey shows a continuing increase in healthcare data breaches. Read »

Partnership sets sights on IT security

Date: Mar 05, 2012
We pointed recently to a Ponemon study which noted, among other things, that “only 31 percent (of the survey’s respondents) believe that their management views privacy and data security as a top priority.” Read »

Security issues loom as transition continues

Date: Feb 03, 2012
This blog is largely focused on the nuts and bolts of the health IT transition. Read »

Standards institute offers HIPAA assistance

Date: Dec 01, 2011
Among the myriad questions providers encounter as they move to EHRs is how best to protect the privacy and security of their patients’ health information. Read »

High-resolution scanner integrates with EHR systems

Date: Oct 28, 2011
 DYMO Labeling has applied its technology to the healthcare market with this week’s launch of a high-resolution scanner designed to streamline workflow and help facilities meet HIPAA Privacy Rule guidelines for EHRs. The new scanner captures color images and patient information from driver’s licenses and insurance cards, and then stores it within a practice’s digital records. DYMO noted that the device eliminates the need to make unsecured photocopies of such ID cards. Read »

MGMA calls for HIPAA 5010 contingency plan to avoid physician practice cash flow disruption

Date: Oct 25, 2011
LAS VEGAS – According to research released by the Medical Group Management Association (MGMA) during the organization’s annual conference this week in Las Vegas, many physician practices and their trading partners have not yet coordinated the transition to HIPAA Version 5010 electronic transaction standards. MGMA called on the U.S. Department of Health & Human Services (HHS) to issue a contingency plan permitting health plans to adjudicate claims that may not have all the required data content. Read »

HIPAA vs. the Cloud

Date: Jul 29, 2011
Guest commentary
Since you are involved in healthcare IT, you know all about HIPAA and the responsibility it puts on the organization to protect patient information. In the early days of HIPAA regulations, there were only general guidelines and required outcomes to help direct IT departments in reaching compliance. The fact that most organizations maintained a “closed” system -- meaning they had their own data center with very little data being exposed outside of the organization -- made compliance relatively simple. Our biggest worry was the tape media being rotated out to our favorite offsite storage facility.
Read »

Lessons learned from theft of HHC electronic patient records

Date: Feb 17, 2011
The New York City Health and Hospitals Corporation's (HHC) revelation that electronic protected health information (PHI) of nearly 1.7 million people was stolen brings up a troubling aspect of the privacy and security of EHRs. Your organization can have sophisticated, thorough technology, processes and policies in place, but all it takes is one act of negligence by a business partner and you’re stuck with a big mess to clean up. Read »