The search found 4228 results.
Late last year, California enacted a new state law to help notify patients of potential breaches of their personally identifiable health information, requiring healthcare organizations to report suspected incidents of data breaches. The initial results are in, and it’s not pretty. According to the Journal of the American Health Information Management Association, California officials have received more than 800 reports of potential health data breaches in the first five months since the laws went into effect on January 1st. Of the 122 cases that have been investigated, 116 have been confirmed assecurity breaches. Officials expect the numbers to grow as more organizations put in the processes to report potential breaches.
Over at the Life as a Healthcare CIO blog, John D. Halamka MD captured a list of top barriers to electronic health record (EHR) implementations, then added on with another ‘Top 10’ that puts a little fun into the serious business of EHRs. Below are barriers that stood out to me from a data security and healthcare access management perspective, and I urge you to check out John’s blog for more specifics – definitely worth the read and a great source of information. The key Barriers to deploying EHR worth noting...
Imprivata OneSign Provides More Than 11,000 Clinicians with Fast Access to Patient Data from Anywhere in the Health SystemLEXINGTON, Mass.—February 16, 2010—Imprivata®, Inc.
The National Institute of Standards and Technology (NIST) recently put out a draft “Guide to Enterprise Password Management” for public comment for feedback and improvement. While it gives a lesson in password management history, it doesn’t quite break new grounds on prescriptive opinion.
Dave Kearns provided useful analysis of the NIST paper in his recent Managing Passwordsarticle on Network World, and a couple of nuggets of wisdom jumped out at me:
We often hear of security getting in the way when it comes to clinicians wanting immediate access to patient data. Since it's better to hear from one's peers, Imprivata asked some of its healthcare customers for tips on implementing single sign-on and strong authentication to eliminate password management headaches and how it facilitated making it easier for clinicians to get access to the records they need.
As we turn our attention to HIMSS 2009, we want to share our customers' advice, thoughts and concerns on how best to navigate through the employee access management obstacles:
We've found that the best resource for better understanding how to solve employee access management are our customers. So over the past week or so, as a few of our customers have shared details of their OneSign experiences, I thought you may want to hear what some of them are saying and doing...
A recent BankInfoSecurity article reported that the Massachusetts Data Protection Law has been delayed yet again, pushing the new effective date back to March 1, 2010. As part of the law, organizations are required to protect confidential data – social security numbers, driver license numbers and financial account/credit/debit card numbers – of Massachusetts citizens. The regulation covers all non-public data, regardless of how the company obtains the information.
HIMSS is right around the corner.
It's one of our favorite conferences of the year, as we get to see many of our healthcare customers all in one place. As I mentioned in my last post, if you're attending the conference this year, please plan to stop by our booth (#7339) and say hello, or check out the presentations by Imprivata's customers. OhioHealth and Southwest Washington Medical Center will be discussing the ‘Paperless Hospital' and ‘HIPAA Audits' respectively. With all the focus on healthcare now, what trends am I going to be looking for at HIMSS this year? Here are a few topics that our customers have shared with us:
2009 was a tough year with the global economic downturn resulting in unprecedented workforce reductions. As a result, security risk from insider breaches has never been greater. Now, as we look to turn the page to 2010, it’s already clear that organizations will continue to go beyond the traditional levels of network access security by implementing policies that require users to provide a second form of identity to gain access to IT resources.
The stimulus package recently signed by President Obama has been the cause for vigorous debate. One by-product of the package that has not been widely discussed is a provision that would reshape the medical industry by creating a central repository of computerized medical records for all American's. An increase in the level of electronic information of this magnitude exponentially raises the vulnerability of a security breach, which we'll focus on today.