Congratulations to tw-Security—2024 Best in KLAS® Security & Privacy Services!

We're #1! Thank you to all our partners and customers!

Privacy, Security Obstacles to Health Data Exchange Persist

Report Identifies Challenges; ONC’s DeSalvo Offers Progress Report Taking Action Some security and privacy experts say that beyond the efforts of the federal government, the private sector must also take steps to overcome challenges related to EHR interoperability and secure health data exchange. “Healthcare organizations need to push harder for vendors to work toward better […]

Read More

OIG: Obamacare Data Repository Had Security Flaws

Weaknesses Found in System Used for Data Analysis Have Been Addressed … Some security experts say the security issues that OIG identified in MIDAS are relatively common at organizations across all business sectors and can put data at risk if not corrected. “While the MIDAS database is outside of Healthcare.gov, it stores a lot of confidential […]

Read More

Analysis: HHS’ Revised Strategic Health IT Plan

Do the Privacy and Security Provisions Come Up Short? … “The key to making this strategic plan something real lies in deriving well-defined tactical tasks accompanied by metrics measuring maturity and identifying gaps,” says Keith Fricke, principal consultant at tw-Security. “The credit card companies had that goal in mind when creating the Payment Card Industry […]

Read More

How Should DoD Secure Health Records?

Data Protection Strategies for New EHR Mega-Project … “Several security and privacy challenges exist as the DoD transitions from its old EHR to the new system,” says Keith Fricke, principal consultant at consulting firm, tw-Security. “Migrating from one EHR to another often involves importing historical data from the old system to the new one. The data […]

Read More

Is Your Entity More Secure than HHS?

Experts: Gov Security Flaws Also Common in Private Sector … For instance, issues relating to CIO-CISO hierarchy also are widespread, says Tom Walsh, founder of his own security consulting firm. “We sometimes refer to this as, ‘the fox guarding the hen house,’” he says. “In some organizations, information security reports to other departments, such as […]

Read More

EHR Cyberattack Affected 3.9 Million

Investigation Reveals Far More Organizations Impacted … Security expert Tom Walsh, founder of the consulting firm tw-Security, says he is startled by how many victims and entities are affected by the breach. ” I was surprised at the number of entities affected and the total number of patients. Some of those entities affected are located […]

Read More

Preventing Insider Breaches at BAs

Experts Provide Tips for Reducing Vendor Risks … It’s impossible for covered entities to be 100 percent certain that BA employees aren’t inappropriately accessing protected health information, says Keith Fricke, principal consultant at tw-Security. “People are the weakest link in security; behavior contrary to company policy and poor choices in how privileged access is used […]

Read More

Shoring Up HealthCare.gov Security

With Obamacare’s Future Solidified, Privacy Fears in Spotlight … Health insurers, as well as health insurance exchanges and their related databases, are a potential target for hackers because “any collection of data that includes Social Security numbers is particularly vulnerable,” notes security expert Tom Walsh, founder of the consulting firm tw-Security. “Healthcare was doing a […]

Read More

Survey Shows Compliance Overconfidence

2015 Healthcare Information Security Today Survey Results … “Having a documented information security plan is important because it serves as ‘a roadmap,’” says Tom Walsh, founder of consulting firm tw-Security. “It’s laying the foundation, the groundwork as far as where the security program will be going in the immediate future, as well as further out.” […]

Read More

What The Departure Of ONC’s DeSalvo Would Means For Health IT

… Tom Walsh, security expert and CEO of consulting firm tw-Security, doesn’t believe DeSalvo’s move will be very disruptive, especially considering that her replacement will be part of the lame duck Obama administration. He personally expressed a desire that ONC will eventually pay more attention to data integrity issues, and not just interoperability.   For […]

Read More