Thursday, May 12, 2011

Electronic Medical Records Security and Privacy - Cover Story

"For the Record" has a good overview of the IT security issues healthcare organizations face as they transition from paper-based protected health information (PHI) to electronic protected health information (PHI).

Traditional approaches to detecting inappropriate access to electronic health records requires dedicated IT staff and burdens privacy and compliance officers with huge volumes of activity logs to investigate. The problem lies in static rules and scenarios that yield too many false-positives and false-negatives.

For example, traditional approaches cannot differentiate between appropriate access by a nurse looking at the records of a current patient and inappropriate access when the same nurse looks at the records of the same patient after the patient has been transferred to a different unit where the patient is under the care of a different nurse.

Only a combination of privacy training and a reliable medical snooping detection capability will deter unauthorized access by employees.

Read the rest of the article in For the Record
Download a white paper on medical records privacy breach detection as a service. Learn how an on-demand, pay-per-use service can cost effectively address the HIPAA/HITECH privacy and security rules - with no hardware and no on-site software.
Sources:
(a) Finding Holes in IT Security - For The Record, Vol. 23 No. 8 P. 10, April 25, 2011
(b) For The Record - Digital Edition - Vol. 23 No. 8 P. 10, April 25, 2011

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.