Security Risk Analysis: Updated Brief Available

The newly revised practice brief “Security Risk Analysis and Management: An Overview (Updated)” is available in the AHIMA Body of Knowledge. Tom Walsh, CISSP, author of the update, notes that the healthcare industry is showing a renewed interest in risk analysis as a result of the meaningful use program. “Conducting a risk analysis has been a requirement for healthcare organizations since the final HIPAA security rule was released in...

Read More

OCR Issues $4.3 Million Fine for Privacy Rule Violation

The Office for Civil Rights has fined Cignet Health of Prince George’s County, MD, $4.3 million for violations of the HIPAA privacy rule stemming from activities in 2008 and 2009. OCR charged Cignet with violating the rights of 41 patients by denying them access to their medical records.

Read More

After One Year of Breach Reporting, Theft Still Leads

With one year of breach reporting on the books this month, theft remains the most common cause of data breach in healthcare. Of the 241 large-scale breaches reported to the Department of Health and Human Services by February 20, 2011, 136 (56 percent) involved theft. Of those, nearly 100 involved a laptop, desktop computer, or network server. Lost equipment or records accounted for an additional 36 breaches. Together, loss and theft...

Read More

Wanted: Accreditor for Meaningful Use Certification Program

The application process has begun for organizations seeking to manage the meaningful use permanent certification program. The Office of the National Coordinator for Health IT has requested applications for the role of “approved accreditor.” Under the permanent program, one organization acting as the approved accreditor (or ONC-AA) will approve other organizations to certify health IT products. The approved accreditor will...

Read More

For Vendors, “Patient-Centered” Not a Problem for Now

In addition to encouraging providers to adopt EHRs, the federal meaningful use program nudges them to share more of the information they collect in their new systems with patients. That’s a shift in focus for both providers and vendors, who have concentrated on IT systems designed around the needs of clinicians. That nudging occurs in several of the measures related to engaging patients and their families in their healthcare. The...

Read More