Clinic Breach Involved Authorized User

Experts Offer Insights on Preventing Insider Incidents … The incident at Children’s Medical Clinics of East Texas spotlights some of the challenges involved with preventing breaches involving authorized users, says Tom Walsh, founder of the consulting firm tw-Security. “In this case, it is extremely difficult to prevent an authorized user from snooping or accessing patient […]

Read More

Texas Mental Health Center Hacked

Data on More Than 11,000 Patients Exposed While EHN says it doesn’t believe medical record information was exposed in the cyberattack, the fact that the exposed data included names of patients seeking mental health services presents a serious privacy concern for affected individuals, says Tom Walsh, founder of consulting firm tw-Security. “Any privacy breach is worrisome. However, […]

Read More

Analyzing ONC’s Interoperability Roadmap

10-Year Plan Shines Spotlights Privacy, Security Challenges … Security expert Keith Fricke, principal consultant at security consulting firm tw-Security describes the document as “a very good start in defining where things need to head,” but sees room for improvement. “A few areas of the roadmap were disappointing or concerning,” he says. “The roadmap sets expectations […]

Read More

Risk Analysis, Encryption Stressed in HITECH Act Final Rules

A Close Look at Guidelines for Safeguarding Patient Data … To guide healthcare providers, including smaller doctors’ offices, in conducting the Stage 3 risk analysis, the rule makes note of free tools and resources available to assist providers, including a Security Risk Assessment Tool developed by ONC and OCR. But the use of that tool is […]

Read More

Privacy, Security Obstacles to Health Data Exchange Persist

Report Identifies Challenges; ONC’s DeSalvo Offers Progress Report Taking Action Some security and privacy experts say that beyond the efforts of the federal government, the private sector must also take steps to overcome challenges related to EHR interoperability and secure health data exchange. “Healthcare organizations need to push harder for vendors to work toward better […]

Read More

OIG: Obamacare Data Repository Had Security Flaws

Weaknesses Found in System Used for Data Analysis Have Been Addressed … Some security experts say the security issues that OIG identified in MIDAS are relatively common at organizations across all business sectors and can put data at risk if not corrected. “While the MIDAS database is outside of Healthcare.gov, it stores a lot of confidential […]

Read More

Analysis: HHS’ Revised Strategic Health IT Plan

Do the Privacy and Security Provisions Come Up Short? … “The key to making this strategic plan something real lies in deriving well-defined tactical tasks accompanied by metrics measuring maturity and identifying gaps,” says Keith Fricke, principal consultant at tw-Security. “The credit card companies had that goal in mind when creating the Payment Card Industry […]

Read More

How Should DoD Secure Health Records?

Data Protection Strategies for New EHR Mega-Project … “Several security and privacy challenges exist as the DoD transitions from its old EHR to the new system,” says Keith Fricke, principal consultant at consulting firm, tw-Security. “Migrating from one EHR to another often involves importing historical data from the old system to the new one. The data […]

Read More