Privacy & Security

ONC issues privacy and security guidance

Compliance, tips, HIPAA and cybersecurity all included
By Erin McCann
April 21, 2015
10:45 AM
During the HIMSS15 annual conference in Chicago last week, the Office of the National Coordinator for Health IT announced the release of a new and improved guide for securing electronic health information that hospitals, providers and business associates can integrate into their practice.

How to comply with MU security requirements, questions you should ask your health IT vendors and everything from cybersecurity and HIPAA to action plans and checklists are among the big highlights. 

 
Many useful tips, permitted use cases, compliance requirements and HIPAA explanations have been added since the last update, four years ago. 
 
 
The guide, as ONC Chief Privacy Officer Lucia Savage explained in a blog post, has been revised to include new "practical information" on topics such as cybersecurity, encryption, patient access and HIPAA privacy and security rules in action. The revised version also include information on compliance with the EHR Incentive Programs' security requirements. 
 
And for those looking for more guidance on what questions to ask your health IT vendors, look no further. 
 
The handbook "also offers suggested questions providers may want to ask their health IT developers or EHR companies so they can be confident that the systems they buy and use will meet their privacy and security needs," Savage explained.
 
Top of this list are questions such as: "How does my backup and recovery system work? How often do I test this recovery system? How much remote access will the health IT developer have to my system?" and "How much of the health IT developer's training covers privacy and security awareness, requirements and functions?"
 
 
According to a new Verizon data breach report that analyzed the healthcare vertical, physical theft or loss accounted for the lion's share, some 26 percent, of security incidents by pattern. Another 20 percent of security incidents were due to insider privilege and insider misuse; "miscellaneous errors" accounted for 19 percent. Other patterns noted in the report for the healthcare vertical were upticks in DoS and Web app attacks, at 9 percent and 7 percent respectively. 
 
Topics: 
Meaningful Use, Electronic Health Records (EHR, EMR), Privacy & Security, Government & Policy, Compliance & Legal

More regional news

Walmart store

Walmart announces closing of clinics and virtual care

By
Susan Morse
May 01, 2024
Hacker with glasses and hat looking at two screens with data and code

Ransomware was used in 72% of network intrusions last year, says BakerHostetler

By
Andrea Fox
May 01, 2024
Amanda Bury, chief commercial officer at Infermedica

Telemedicine, enabled with responsible AI, can improve the patient experience

By
Bill Siwicki
May 01, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Doctors review practice finances
LLMs are not ready to automate clinical coding, says Mount Sinai study

Most Read

WebMD acquires Healthwise to bolster patient engagement and growth
Zocdoc launches advanced partner program
Suki partners with Amwell on telehealth AI
How the Change Healthcare cyberattack is straining providers, and what the government can do
Memorial Healthcare finds success with switch to Epic-based telehealth vendor
HHS response to cash flow concerns from Change cyberattack inadequate, providers say

Research

White Papers

More Whitepapers

Compliance & Legal
Artificial Intelligence
Analytics

Webinars

More Webinars

Privacy & Security
Artificial Intelligence
Analytics

Video

Dr. Guido Giunti at Trinity College Dublin_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Novel digital therapeutics for MS empower patients
Kendall Brown at CenTrak_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
How HIMSS membership can grow healthcare careers
Ellen Arigorat at NewYork-Presbyterian Hospital Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
HIMSS Changemaker champions Filipino-American health literacy
Sponsored by Minsait
Gustavo Adolfo Torres Becerra at Minsait__Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Healthcare organizations need interoperability to give residents preventative care

More Stories

Health professional at desktop computer
How AI-powered systems can help physician groups improve coding – and earn more
Nurse huddle with tablet
Nurses have a deep distrust of AI – but transparency and training could help
Dr. Jonah Feldman at NYU Langone Health System_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Want to reduce readmissions? Personalize digital discharge guides
Gabriel Garcia-Lopez at the Los Angeles LGBT Center Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
From HIMSS conference attendee to 2024 HIMSS Changemaker
Kaiser building
Kaiser reports 13.4 million people affected by data breach
Stethoscope on tablet
HIMSSCast: The need for home care continues
Change Healthcare booth and sign
MGMA asks OCR: Hold UHG responsible for HIPAA breach notifications
A person in a suit holds graphic healthcare solutions in one hand, and a graphic of people in the other.
Vendor Notebook: Salesforce extends AI to public health services, DrFirst acquires Myndshft