Two new federal laws, ARRA and the HITECH Act, aim to do what many say HIPAA has failed to do for the past 14 years: force health care practitioners to get serious about protecting patient health care records. As well, the Obama administration aims to wean health care data off of paper and over to electronic medical records by 2011. Doctors say protection of patient privacy and confidentiality is an integral aspect of their professional practice. However, with budget challenges and lack of security awareness, many health care practices are a long way from compliance. This special ebook from SC Magazine examines how practices around encryption, privacy and security can aid health care practitioners.
Thus far, we’ve focused on manufacturing and retail, but another huge area for IoT attacks is the health care vertical. In the same way that operations and facility departments are not in the habit of having light bulbs and door locks approved by IT, their hospital counterparts are not used to getting standard medical systems,…
The Health Information Trust Alliance (HITRUST) announced Thursday that its Common Security Framework (CSF) is available free. According to HITRUST, open access to the CSF can help health care organizations comply with HIPAA and the HITECH Act, support health information exchanges, and address business associate risk. The CSF is a standard IT security control framework developed specifically for health care data. — CAM
Security experts agree that the health care industry is currently trying to digest a variety of data security and related laws, regulations and guidance. Adhering to standards is one thing, securing the infrastructure so that data leakage is thwarted is an entirely different ballgame. Many security tools are available to make the task easier, but appliances and software are only the beginning. Educating the workforce to be vigilant about security is another key ingredient. This latest eBook from SC Magazine examines specific ways that health care facilities - ranging from small clinics and medical offices to large, regional medical centers - can protect themselves from data losses due to cyber attacks, negligence and internal threats.