Here is latest monthly blog from the HIMSS Privacy and Security Committee…called PSST! Keep reading to learn more about this month’s topic –Encryption, by HIMSS P&S Committee member Nathan Gibson, CISA, CISSP, MCSE, CPHIMS,
Privacy and Security Officer, West Virginia Medical Institute.
In my previous blog post Managing Risk: Keep it Simple, I explained the importance of performing a security risk assessment. The post also discussed best practices for safeguarding protected health information which included encryption. That guidance was very brief, so the purpose of this post is to expand on the importance of using encryption.
Encryption is an important aspect of risk management due to the level of confidentiality and integrity that can be provided to your Protected Health Information (PHI) and other sensitive data which may be created, received, transmitted, or maintained. Encryption may also help provide safe harbor from breach notification, depending upon applicable state or federal law or regulation. So you are probably asking “what do I encrypt?”
By Scott MacLean, MBA, CPHIMS, FHIMSS
Chair, HIMSS Board of Directors
I’m pleased to be participating today in the CMS eHealth Summit, as part of a panel discussing health IT workforce issues. We’ll be discussing the HIMSS/AHIMA Healthcare Information Exchange (HIE) Staffing Environmental Scan, Trends in Health Information Exchange Organizational Staffing. That report showed that the most common staffing challenge across health information organizations is lack of available candidates, cited by 30% of study respondents. Continue reading
A number of experiences lead up to this move toward the Connected Patient. I have been active with HIMSS as a member since 2002. I was one of the coauthors of the HIMSS eHealth Special Interest Group (SIG) white paper in 2003 which may have been ahead of its time. I started blogging in 2006. Then I attend the first Health 2.0 conference in 2007 and became immersed in the world of startups and “user generated healthcare.” The next year (2008), I attended the Medicine 2.0 conference, shared podium with ePatient Dave, in his first rendition of “Gimme My Damn Data”; this was my introduction to ePatients and a broader use of Twitter as a way to stay connected to the conference attendees. Early involvement with Google Health also influenced my thinking about the potential for connecting patients with their data. Then I had my first presentation on social media and innovation in the Netherlands in 2009. Gaining this international perspective as well as an opportunity to engage with health IT professionals at HIMSS 2011, I continued to expand my community through social media contacts and conversations.
By Larry Ozeran MD, President, Clinical Informatics Inc.
HIMSS core objective as an organization is to improve healthcare quality and patient safety information technology. As hospitals and providers work to implement electronic health records and other IT and management systems, HIMSS is launching a blog series on health IT and patient safety to help providers and hospitals identify potential risks to patient safety that have resulted from problems with EHR implementations and mitigate those risks through proactive measures.
“If hospitals are basing patient safety efforts on the assumption that they can get people not to make mistakes, they’re misdirecting their resources. They should study where errors occur, identify which ones put patients at higher risk, [and] then, redesign systems.” Terry Fairbanks, MD, Director National Center for Human Factors Engineering in Healthcare, Health Data Management, Feb 2012.
The Federal government is heading toward their fourth round of announcements for their Medicare Shared Savings Program (MSSP) accountable care organizations (ACOs). Much has been made recently of initial findings from the MSSP and Pioneer ACOs. In a recent blog, “The Unicorn Is Here to Stay: Building ACOs for the Future,” HIMSS explores this exact question.
Dan Paoletti is the chief executive officer of the Ohio Health Information Partnership. He’s been at the helm of the non-profit, start-up since 2011, after serving as interim CEO, and for two years, as an Ohio Hospital Association representative on the board. He is a member of the HIMSS HIE Committee, and will be a speaker at the HIMSS Regional Event, “Beyond Stage One Meaningful Use Education,” which will take place on Tuesday, Dec. 3. A networking reception will be held in HIMSS Innovation Center on the 4th floor of the Global Center for Health Innovation from 5:30 – 6:30 p.m. EDT, followed by dinner and the education session on the 1st floor of the building.
It’s Thanksgiving, a U. S. holiday focused on just what the name implies – giving thanks for many things from food on the table to health IT…yes, information technology to improve health.
Jon Mertz of HL7 posted this question earlier in the week – “What are you thankful for around health IT”? Read his post to learn more.
HIMSS staff and members answered this question here on the HIMSS Blog. So, read on for a Thanksgiving update on thankfulness for health IT. Continue reading
Hear from HIMSS President/CEO H. Stephen Lieber, CAE, as he shares his health IT insights on Conversations in Health Care, a radio interview program focused on “opportunities for reform and innovation in the health care system. ” Continue reading
A little over a year ago, the results of the OpenNotes program were published in the Annals of Internal Medicine. Piloted with primary care physicians at three, large healthcare organizations, the research documented the thoughts of 170 physicians on sharing notes, and the experience of 38,000 patients on viewing them, over a period of one year. Leading this groundbreaking research, the interprofessional team included Jan Walker, MBA, RN, and physician Tom Delbanco, MD, who described what occurs when documentation is shared in an environment of transparency and patient-centered care. Continue reading
By Larry Ozeran MD, President, Clinical Informatics Inc.
HIMSS core objective as an organization is to improve healthcare quality and patient safety with information technology. As hospitals and providers work to implement electronic health records and other IT and management systems, HIMSS is launching a blog series on health IT and patient safety to help providers and hospitals identify potential risks to patient safety that have resulted from problems with EHR implementations and mitigate those risks through proactive measures.
The primary reason that the scenario discussed in our last blog quickly and cheaply is because the culture of the organization accepts that mistakes sometimes happen. Mistakes are rarely caused by a single point of failure. In this case study, better choices could have been made by the software vendor, as well as by the hospital during the selection process, the training, the software tuning and subsequent management.