Q: I am concerned about the security of my facility, specifically, the security of core and third-party infrastructure devices. I hear stories on a weekly basis about “critical vulnerabilities” but I never know if I am affected, or if my potential vulnerabilities are being fixed. What should I do?
A: Your concerns illustrate one [...]

Q: How can I determine if my Disaster Recovery Plan is up-to-date and, most of all, still workable?
A: Everyone knows that having a well-documented Disaster Recovery Plan is a necessary part of doing business. But when was the last time you re-visited your plan, made sure that everything is still current with respect to [...]

In an article from the HealthLeaders Media website entitled, “The Medical Center at Bowling Green Warns 5,418 Patients of Stolen Health Information,” we learn that another healthcare facility is notifying patients of a breach in personal health information. This breach occurred with the theft of a computer hard drive in the mammography unit. [...]

For years – since HIPAA privacy rules were finalized actually – I’ve had my nemesis. I’ve never met her. Never heard her speak in a public forum. But everything I have read about that included a quote from her about the state of healthcare privacy laws in this country has led me to believe she [...]

What should be considered when granting access to a HCIS? How should we as a facility come to our conclusion?
Most, if not all, HCIS systems have an access granting component. When granting access to end users, facilities should take into consideration their current practices, patient care flows, roles of the end users, as [...]

As the use of the internet increasingly becomes a community blackboard, how does that affect the risk of privacy violations for provider’s patients? What are implications when a hospital employee has their picture taken with a patient and posts it on their Facebook? People are talking about patients they cared for on a [...]

I struggled for a week trying to come up with a topic for this week. Driving home last night from a Cub Scout meeting it came to me… a Top 10 to get us into 2010! Now, what stories in healthcare IT? Surely ARRA and HITECH. And defining and refining “meaningful use.” What about the [...]

Just in time for Halloween, the Department of Health and Human Services released an interim rule that helps HIPAA grow some fangs for enforcing violations. While the privacy advocates continue to say HIPAA doesn’t go far enough, at least this is a step in the right direction.
Georgina Verdugo, director of the HHS Office for [...]

Nearly 20 percent of Medicaid managed care plan provider CalOptima members learned this week that personal health information, including demographic and medical procedure codes, has gone missing. The copies of the information were stored on an unidentified type of electronic media and sent via the United States Postal Service by a claims scanning vendor. According [...]

Do you feel confident that you could restore data from the previous night’s backup? Here’s the situation: you flip the switch for overnight backup to begin. Everything is functioning as should be, all lights turn green that the backup has commenced. The next morning when files are checked for backup accuracy you [...]