Tag: PHI Breaches

Challenges to Emerging Health Technologies

Steven Chau
Steven Chau

Guest post by Steven Chau, CTO and co-founder, Doctor Quickly.

Healthcare is one of the last industries to be disrupted by technology. Although unprecedented levels of biomedical knowledge, surgical procedures, and condition management have been amassed, we are not using them to their potential to create the tools to improve healthcare experiences. A balance of privacy and policy regulations with technology is the key to creating a secure yet efficient healthcare system.

The State of Healthcare

A staggering portion of healthcare costs are wasted. According to the Institute of Medicine (IOM), $765 billion or 30 percent of the 2009 total U.S. healthcare spending was wasted. Key areas that were tracked include unnecessary services, services inefficiently delivered, prices that are too high, excess administrative costs, missed prevention opportunities and medical fraud.

Key findings:

Additionally, there will not be enough physicians in the next few years to meet the growing demand. The Association of American Medical Colleges (AAMC) projects a shortage of 62,000 physicians by 2015. This shortage is expected to increase to 91,000 by 2020. This physician deficit is due to an aging Boomer Baby population, the insuring millions of new patients through the Affordable Card Act, and the retiring of a large number of doctors in the coming decade.

Technology can curb inefficient health management, increase knowledge sharing, and improve access to a shrinking physician pool.  However, proper precautions must be taken to safeguard patient information privacy while empowering healthcare providers to provide more efficient care.

HIPAA

Healthcare technology is largely regulated by the Health Insurance Portability and Accountability Act (HIPAA). It was created in 1996 to protect the privacy of electronic patient data, known as protected health information (PHI) and to restrict access to PHI. Predating the iPhone by 10 years, the HIPAA rules were strengthened in 2013 to increase rigor on de-identifying PHI, to broaden HIPAA’s reach to include all entities that touch PHI directly and indirectly, and to notify affected parties if a PHI breach has occurred.

Continue Reading

Five Tips to Prevent PHI Breaches From Becoming Your Business’ Achilles Heel

Jay Atkinson
Jay Atkinson

Guest post by Jay Atkinson, CEO, AIS Network.

The recent theft of 4.5 million medical records by Chinese hackers coupled with the news that as-yet unidentified hackers were able to penetrate the U.S. government’s health care portal have ignited consumer concerns about the safety of health care records – and rightly so.  No patient should have to worry that his or her protected health information (PHI) may fall into the hands of thieves.

The medical industry experiences more security breaches than any other U.S. industry today, serving to undermine public confidence in electronic health records and the industry at large. Last year alone, more than 7 million patient health records were breached, up 138 percent over the previous year, according to a February report by IT security consultant Redspin. Theft or loss of unencrypted portable computing devices (i.e., laptops) or digital media containing PHI was the leading cause of PHI data breach, impacting 83 percent of records breached. Unauthorized access and hacking incidents impacted less than 7 percent of records breached.

It’s reassuring to see the industry break new ground in studying security flaws and addressing vulnerabilities.  For example, the Health Information Trust Alliance (HITRUST) teamed with the Department of Health and Human Services (DHHS) last spring to lead CyberRX, a series of no cost, industry-wide exercises designed to simulate cyber attacks on participating health care organizations and help them identify weaknesses in preparedness. Two important findings emerged:

Continue Reading