Blog Listing

HIT Policy Committee Consumer Choice Technology Hearing Recap
HIT Policy Committee Consumer Choice Technology Hearing Recap
Last week, I attended the Privacy and Security Tiger Team Health Information Technology Policy (HIT) Committee Consumer Choice Technology Hearing in Washington, D.C. The gathering brought together an impressive group of healthcare industry leaders, patient data privacy advocates and HIT vendors to discuss technologies that enable consumers to choose whether or not to share their information in health Information Exchanges (HIEs). Here are few things worth highlighting from the conference...
Even Spies Have Password Management Problems
Even Spies Have Password Management Problems
Catching up on some news from last week and I thought Tim Greene’s article in Network World was an interesting piece on the Russian spy ring story that is currently grabbing headlines. One of the most glaring errors made by one of the spy defendants was leaving an imposing 27-character password written on a piece of paper that law enforcement officers found while searching a suspect's home. They used the password to crack open a treasure trove of more than 100 text files containing covert messages used to further the investigation.
The Impact of New HHS Rules for Health Information Privacy and Security
The Impact of New HHS Rules for Health Information Privacy and Security
The U.S. Department of Health and Human Services (HHS) recently announced new rules surrounding health information privacy and data security that is important for everyone involved in healthcare IT (HIT) to understand. By now, you’ve likely seen these rules, however the Healthcare IT Consultant blog has a nice synopsis of the news that drills down into the aspects most relevant for those in the Imprivata community. Pulling the key points from that blog and summarizing the primary requirements of the rules, here are some things to consider...
Secure User Access and VDI: Improving Productivity with Secure “Follow-Me” Desktops
Secure User Access and VDI: Improving Productivity with Secure “Follow-Me” Desktops
This week Imprivata announced its partnership with VMware, an exciting time for our company as more and more customers and prospects inquire about combining virtual desktops with simplified and secure user access to improve user productivity. Partnering with a market leader like VMware presents a great opportunity for both organizations to deliver a secure working environment that allows end users to access their desktops from machines in any location.
The DLP Argument for VDI in Healthcare
The DLP Argument for VDI in Healthcare
Steve Coplan of The 451 Group recently published a terrific report on Virtual Desktops that examines the intersection of management and security. Steve hit the nail on the head in describing the importance of user authentication in securing virtual desktops. This is especially relevant in healthcare, which is rapidly adopting virtual desktop access (VDA) to improve clinician productivity and secure patient data. We were also pleased that Steve mentioned the work Imprivata is doing with VMware around fast, seamless user access for virtual desktops...
Imprivata at VMworld 2010: Healthcare IT Panel; OneSign, Multiple Booths; Booth Giveaways
Imprivata at VMworld 2010: Healthcare IT Panel; OneSign, Multiple Booths; Booth Giveaways
We’re about to hit the virtual road out to San Francisco for VMworld 2010 next week, and are excited for the many activities and conversations that are lined up for our team at the event. If you’re going to the event, stop by booth #441 for a chat about securing user access in virtual desktop environments, or a demo of the integration of VMware View and Imprivata OneSign. We’d love to share ideas, perspectives and experiences onsite! I thought I’d call out some things you may want to check out as you navigate through the clouds of people milling around the various sessions, booths and labs within the Moscone Center...
Catch a Tiger Team by the Tail: Patient Consent at the Intersection of HIE, PHI and CYA
Catch a Tiger Team by the Tail: Patient Consent at the Intersection of HIE, PHI and CYA
Catching up on some reading after a few weeks on the road, most notably at VMworld 2010, I read Joseph Goedert’s Health Data Management article on the Privacy and Security Tiger Team’s recommendations for privacy issues that were sent to The Office of the National Coordinator for Health Information Technology (ONC). The core recommendations focus on how to empower patient consent and how to ensure appropriate use and exchange of personal health information (PHI) by care givers and business associates – all in the name of good data stewardship – as ONC encourages adoption of healthcare IT.
VMworld 2010: Virtual Roads. Actual Clouds. Amazing Event.
VMworld 2010: Virtual Roads. Actual Clouds. Amazing Event.
VMworld 2010 in San Francisco this week was an amazing event, with more than 17,000 attendees converging on the Moscone Center to share innovations, ideas and experiences with virtualization technologies. While the healthcare industry was well-represented at the event, we were excited by the variety of conversations with people from other industries such as credit unions, retailers and life sciences. People at the event showed both an enjoyment for sharing their use of virtual environments with their hunger for new innovations to improve the experience. Some key themes that seemed to trend across the event included...
Drive EMR Adoption and Increase IT Security - Webinar
Drive EMR Adoption and Increase IT Security - Webinar
On Wednesday, November 10th at 1:00 PM EST, I am fortunate to host Kristi Roose, IT director at Mahaska Health Partnership on a webinar where Kristi will share her insights on how to successfully deploy an EMR and help satisfy the requirements of meaningful use and the privacy and security standards embedded in the HITECH Act.
Study Finds Security and Privacy is Low Priority for Health Care Organizations
Study Finds Security and Privacy is Low Priority for Health Care Organizations
The recent Ponemon Institute benchmark study on patient data privacy and security practices sheds some much-needed light on the practice of data protection within our nation’s hospitals. According to the study, today’s hospitals have little confidence in their ability to secure patient records, revealing just how vulnerable they are to data breaches – a concern for all patients. Highlighted are some of the key findings...
Improve Clinician Productivity and Secure Access to EMR Applications - Webinar
Improve Clinician Productivity and Secure Access to EMR Applications - Webinar
Are you interested in improving clinician productivity and securing access to NextGen EMR applications?
Mahaska Webinar - Q&A
Mahaska Webinar - Q&A
Last month, Kristi Roose from Mahaska Health Partnership joined me for a live webinar that discussed deploying SSO and Strong Authentication, and the steps you can take to get to Meaningful Use faster. If you missed the webinar, you won't want to miss this -- we've gone ahead and transcribed our answers from the Q&A session. Question 1: How long did it take to roll a unit out to all the departments and how long did it take to see acceptance to the change? Answer: We approached these rollouts one unit at a time, and the time frame depended on the number of users. Usually it took about 1-2 weeks per unit to make sure that everyone was comfortable with the product. Once the unit was rolled out acceptance was immediate; customers were grateful for the product and relieved to be able to access data more easily. It was a relief for their workflow.
The Meaning Behind Meaningful Use
The Meaning Behind Meaningful Use
There' s been a lot of talk and focus on the Meaningful Use provisions of the HITECH Act. I worry that we're becoming too focused on the details of Meaningful Use, and losing the bigger picture. The government instituted the Meaningful Use criteria and incentives because they believe that electronic medical records can improve quality of care and access to care – but only if the EMR solutions are actually deployed and used. Hence Meaningful Use.
EMR Adoption.. How Fast?
EMR Adoption.. How Fast?
Recent survey results released show only 50.7% of U.S. hospitals with implemented electronic medical records (EMRs). While transitioning to a paperless system seems to be a logical evolution in the health care system, the rather slow rate of EMR adoption does not surprise me. Even with the passage of the Health Information Technology for Economic and Clinical Health Act (HITECH) in February 2009 which attached a monetary incentive to implementation, technologies that do not seamlessly fit into clinicians’ day-to-day activities, improve patient care, and enable them to work more efficiently fail to achieve widespread acceptance. In order to improve EMR adoption rates in the U.S., we must provide doctors with tools that do not disrupt time spent with the patients, while enhancing their ability to access vital information quickly and efficiently.
A Look Back at 2010: An Award-winning Year at Imprivata
A Look Back at 2010: An Award-winning Year at Imprivata
Imprivata experienced a record-breaking year in 2010, punctuated by several prestigious awards and first place ratings from leading industry organizations. These honors underscore our dedication to providing customers and partners with exceptional technology and services, and help to further define Imprivata as the leader in single sign-on (SSO) and access management. We are extremely proud of these accolades, and wanted to share with you a few of the high points from 2010...
Checklist for Healthcare IT Security Compliance Webinar - Q&A
Checklist for Healthcare IT Security Compliance Webinar - Q&A
Last week, ecfirst's CEO, Ali Pabrai joined me for a live webinar that discussed a checklist for healthcare IT Security compliance. If you missed the webinar, you won't want to miss this -- we've gone ahead and transcribed our answers from the Q&A session. Question 1: Where can I go to find out exactly which set of rules / regulations apply to my business? There are so many different ones which change often that it's difficult to stay current. Answer: That is one of the areas that must be addressed in a comprehensive risk analysis activity. It’s critical to keep up with HITECH Act changes. The best source is the OCR site at www.hhs.gov. Also, it’s important to keep up with State regulations, especially CA, Massachusetts, etc.
How Can Agencies Achieve CJIS Compliance?
How Can Agencies Achieve CJIS Compliance?
As we all know, the CJIS policy is now final and mandates that all agencies must have enforced unique IDs strong passwords by September, 2010, and that all agencies must comply with the CJIS Advanced Authentication requirement by 2013. However, if your agency has performed a system upgrade after 2005, the 2013 deadline advances to the time of the upgrade. If your agency is audited and found not to be in compliance with the CJIS policy, it could face losing access to CJIS systems.
Verity Credit Union Live Webinar - Q&A
Verity Credit Union Live Webinar - Q&A
Security compliance often requires complex passwords – causing user frustration and helpdesk calls. Jon Wu, System Engineer at Verity Credit Union, joined me for a webinar on how SSO helped Verity increase user productivity and customer satisfaction. Below is the transcribed Q&A from the webinar. View the full webinar here Question 1: Did auditing play a role in your decision to buy single sign-on, and has it helped with reporting on user access? Answer: Yes it did. When we first mentioned that we would be getting a password program, users were nervous. They thought, “is this password program going to remember all of my passwords and keep it secure?” When we presented to Imprivata, they said no problem, it’s all taken care of. From end to end the passwords are encrypted. Imprivata takes care of both situations, and we don’t have to worry about it being exposed in any way.
Increase Physician Adoption of EHRs
Increase Physician Adoption of EHRs
On April 21st, the HIT Policy Committee Certification/Adoption Workgroup held a meeting to discuss Electronic Health Record (EHR) usability.
Ponemon Institute Study Quantifies How Single Sign-On Can Save Hospitals Time and Money
Ponemon Institute Study Quantifies How Single Sign-On Can Save Hospitals Time and Money
Study spotlights the value of single sign-on solutions for hospitals seeking meaningful use credits. An eye-opening new study that was just released from the Ponemon Institute revealed roughly 60 percent of the more than 400 healthcare IT respondents believe that single sign-on (SSO) solutions support their organizations’ efforts to demonstrate the “meaningful use” of EMR adoption.