HIPAA – EHR Science

Security Nightmare: Small Practices and Ransomware

On: December 12, 2016

In: EHR Security, HIPAA, Small practices

For four years, ending in 2004, I was Director of Informatics for the HIV/AIDS clinic at the University of Alabama-Birmingham. During that time I led a project to create an EHR. Starting with one programmer and myself, over the course of my tenure, the staff grew to include an in-houseContinue Reading

The HIPAA Security Rule…Revisited

By: Jerome Carter

On: May 20, 2013

In: EHR Security, HIPAA

In the September 2011 blog post, The Challenges of Meaningful Use in Small, Independent Practices, I reported on a talk given to a group of primary care practitioners and how their questions indicated they were having difficulties understanding MU requirements. Perhaps the most surprising finding was that many attendees fromContinue Reading

EHR Design Basics: Tracking Data Changes and Accesses Using Audit Trails

By: Jerome Carter

On: January 28, 2013

In: Audit Trails and EHR Systems, Databases, e-Discovery, EHR Architecture, EHR Certification, EHR Data Quality, EHR Design, EHR Security, HIPAA, Software Development, Tutorials

Two weeks ago I wrote about the value of EHR timelines and audit trails. Today’s post takes that discussion a little further by demonstrating various ways of keeping track of data accesses and changes in EHR data element values. Of course, this functionality is useful for any clinical database thatContinue Reading

EHR Design, Timelines, and Audit Trails: Getting a Sense of What Has Happened

By: Jerome Carter

On: January 14, 2013

In: Audit Trails and EHR Systems, e-Discovery, EHR Architecture, EHR Certification, EHR Design, EHR Security, Electronic Health Record Systems, HIPAA, Meaningful Use, Tutorials

As EHR use increases, the number of complaints about incoherent paper printouts has grown. However, it isn’t just clinicians who are having problems. EHRs Prove a Difficult Witness in Court , an article from the Journal of AHIMA, details the legal headaches that can occur as a result of theContinue Reading

Encryption, an Ounce of Prevention…

By: Jerome Carter

On: April 16, 2012

In: EHR Security, HIPAA, HIPAA Privacy, Small practices

Increasingly, data breaches are in the news. Reports of stolen desktops, lost jump drives, and misplaced laptops seem to show up constantly. If it seems that you are now hearing more about breaches than in years past, you are correct, and the HITECH Act is probably the major reason. OneContinue Reading

Technical Safeguards in Certified EHRs

By: Jerome Carter

On: February 13, 2012

In: EHR Certification, EHR Security, HIPAA, Meaningful Use, Software Development

As someone starting a new software development project, I have a keen interest in ensuring that my product does not create HIPAA headaches for users. Complying with the Security Rule’s technical safeguards seemed like a good start, so I decided to review their implementation specifications while developing security requirements. The technical safeguardsContinue Reading

HIPAA Requirements for Meaningful Use Objective 15

By: Jerome Carter

On: December 12, 2011

In: EHR Security, HIPAA, HIPAA Privacy, Meaningful Use, Small practices

Each of the three previous posts in this series addressed a different aspect of security: information security principles, HIPAA changes in the HITECH Act, and the components of the HIPAA security rule. The subject of this post is meaningful use objective 15, which states: Objective: Protect electronic health information createdContinue Reading