Blog Archives

AHIMA issues health info management recommendations

The American Health Information Management Association (AHIMA) recently released a set of guidelines regarding data governance of what it calls “information assets.”  AHIMA asserts that the healthcare industry must manage the huge amounts of data it works with in an

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , ,

EHR access lost during Hurricane Sandy

Hurricane Sandy this week tested East Coast health care systems’ electronic infrastructure.  Emergency preparedness plans were implemented fairly successfully for most health care facilities, allowing them to continue to operate adequately.  Others, however, were negatively impacted, including some which lost access

Posted in ARRA, Higher Ed, HIPAA, HITECH Act, News Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Data mining by hospitals may be profitable, but not risk-free

The USA Today published a story yesterday about a few hospitals using aggregated consumer data for marketing of such hospitals’ most lucrative services. The article describes several instances where such direct marketing efforts yielded significant profits for the hospitals. We see

Posted in HIPAA Tagged with: , , , , , , , , , , , , ,

Nemours reports breach affecting 1.6 million individuals

Nemours, a children’s health system with hospitals in Pennsylvania, Delaware, Florida and New Jersey, reported a massive breach affecting 1.6 million people, including patients, employees, and vendors. Via Health Data Management: ‘On September 8, 2011, we learned that a locked

Posted in HIPAA Tagged with: , , , , , , , , ,

Major data breach at Stanford Hospital

A spreadsheet containing personal data of 20,000 emergency room patients of Stanford Hospital appeared on Student of Fortune, a Web site which “crowdsources” homework to other students online. The lost data included names, admission dates, diagnoses and other sensitive information.

Posted in HIPAA Tagged with: , , , , , , , , , ,

Study: Most data breaches are caused by insiders

A survey by Veriphyr, a provider of identity and access intelligence solutions, found that insiders were responsible for over 60% of data breaches of protected health information (PHI). Specifically, 35% of the PHI breaches were due to insiders’ snooping into

Posted in HIPAA Tagged with: , , , , , , , , , , , ,

Steve Fox interviewed by InformationWeek about EHR contracts

Our own Steve Fox was interviewed by InformationWeek regarding the essential protections healthcare providers should include in their EHR contracts with health IT  vendors.  In particular, Steve warned providers against simply accepting vendor agreements without carefully reviewing and negotiating the key

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security, Uncategorized Tagged with: , , , , , , , , , , , , , , , ,

HHS issues NPRM on HIPAA Privacy, Security and Enforcement Rules

On July 7, 2010, HHS issued a notice of proposed rule making (NPRM) regarding the changes to the HIPAA Privacy, Security and Enforcement Rules, as provided in the HITECH Act, in order “to strengthen the privacy and security protections for health information and to

Posted in ARRA, Higher Ed, HIPAA, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , ,

In the news

Kaiser Permanente and IBM inked a $500 million, seven-year IT services deal.  IBM will manage Kaiser’s data center operations, storage and software, but IBM will not have access to patients’ medical records.  AP, San Francisco Chronicle (March 17, 2009). A new study expects that

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , ,