Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

HIMSS: Insider Threats Still Biggest Health IT Security Worry

Posted on February 27, 2014 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

You can do whatever you like to lock down your data, but  it if they do they do it did buy a block of members of the earth is the work doesn’t go for all it takes is one insider who knows how to unlock it to create a serious security breach.

Results from the 2013 HIMSS Security Survey suggest that despite progress towards hardening security and use of analytics, healthcare organizations must still do more to mitigate the risk of insider threat, such as the inappropriate access of data via employees.

The HIMSS survey, which was supported by The Medical Group Management Association and underwritten by Experian Data Breach Resolution, surveyed 283 information technology and security professionals employed in US hospitals and physician practices. What the researchers found was that the greatest “that motivator” was that of healthcare workers potentially snooping into EMRs to find friends, neighbors, spouses or coworkers.

Given that healthcare IT leaders are particularly concerned about inappropriate use of health data by insiders, you won’t be surprised to hear that there’s been an increase use of several technologies related to access to patient data, including user access control and audit logs in each access to patient records.

But you may be surprised to learn that of the 51 percent of respondents increase the security of the past year, 49 percent of these organizations are still spending just 3 percent  or less of their overall IT budget on securing patient data.

Other findings from the HIMSS survey include that healthcare organizations are using multiple means of controlling employee access to patient information;  67 percent use at least two mechanisms, such as user base and role-based controls, for controlling access the data.

In 2014, Health IT Priorities are Changing

Posted on January 30, 2014 I Written By

The following is a guest blog post by Cliff McClintick, chief operating officer of Doc Halo. Cincinnati-based Doc Halo sets the professional standard for health care communication offering secure messaging for physicians, medical practices, hospitals and healthcare organizations. The Doc Halo secure texting solution is designed to streamline HIPAA-compliant physician and medical clinician sharing of critical patient information within a secure environment.

2014 is a major year for health care, and for more reasons than one.

Of course, some of the most significant reforms of the Affordable Care Act take effect this year, affecting the lives of both patients and providers.

But it’s also a year in which health care institutions will come to grips with IT issues they might have been putting off. Now that many organizations have completed the electronic health record implementations that were consuming their attention and resources, they’re ready to tackle other priorities.

Expect to see issues related to communications, security and the flow of patient information play big in coming months. At Doc Halo, we’re already seeing high interest in these areas.

Here are my predictions for the top health IT trends of 2014:

  • Patient portal adoption. Web-based portals let patients access their health data, such as discharge summaries and lab results, and often allow for communication with the care team. Federal requirements around Meaningful Use Stage 2 are behind this trend, but the opportunity to empower patients is the exciting part. The market for portals will likely approach $900 million by 2017, up from $280 million in 2012, research firm Frost & Sullivan has predicted.
  • Secure text messaging. Doctors often tell us that they send patient information to their colleagues by text message. Unfortunately, this type of data transmission is not HIPAA-compliant, and it can bring large fines. Demand for secure texting solutions will be high in 2014 as health care providers seek communication methods that are quick, convenient and HIPAA-compliant. Doc Halo provides encrypted, HIPAA-compliant secure text messaging that works on iPhone, Android and your desktop computer.
  • Telehealth growth. The use of technology to support long-distance care will increasingly help to compensate for physician shortages in rural and remote areas. The world telehealth market, estimated at just more than $14 billion in 2012, is likely to see 18.5 percent annual growth through 2018, according to research and consultancy firm RNCOS. Technological advances, growing prevalence of chronic diseases and the need to control health care costs are the main drivers.
  • A move to the cloud. The need to share large amounts of data quickly across numerous locations will push more organizations to the cloud. Frost & Sullivan listed growth of cloud computing, used as an enabler of enterprise-wide health care informatics, as one of its top predictions for health care in 2014. The trend could result in more efficient operations and lower costs.
  • Data breaches. Health care is the industry most apt to suffer costly and embarrassing data breaches in 2014. The sector is at risk because of its size — and it’s growing even larger with the influx of patients under the Affordable Care Act — and the introduction of new federal data breach and privacy requirements, according to Experian. This is one prediction that we can all hope doesn’t come true.

To succeed in 2014, health care providers and administrators will need to skillfully evaluate changing conditions, spot opportunities and manage risks. Effective health IT frameworks will include secure communication solutions that suit the way physicians and other clinicians interact today.

Doc Halo, a leading secure physician communication application, is a proud sponsor of the Healthcare Scene Blog Network.