Privacy

In Case of Disaster, Break Glass

by Jerome Carter on April 30, 2012 · 0 comments

Backups are important. However, when things really go wrong, they alone are not enough.    “Disaster” may sound overly dramatic, but, in fact, catastrophic data losses are not rare.  Depending on where you live, floods, tornados, hurricanes or earthquakes are a fact of life.   Of course, man-made misery (e.g., viruses, tampering, sabotage) accounts for its share […]

{ 0 comments }

Encryption, an Ounce of Prevention…

by Jerome Carter on April 16, 2012 · 0 comments

Increasingly, data breaches are in the news.  Reports of stolen desktops, lost jump drives, and misplaced laptops seem to show up constantly.   If it seems that you are now hearing more about breaches than in years past, you are correct, and the HITECH Act is probably the major reason. One component of the privacy/security provisions […]

{ 0 comments }

The newly proposed rules for EHR certification, referred to by ONC as Certification Criteria for Electronic Health Record Technology, 2014 Edition, contains a few pleasant surprises that bode well for EHR users.   There are provider-friendly changes in how CEHRT is defined; a new security requirement that may help with data breaches; and comments on data […]

{ 0 comments }

HIPAA Requirements for Meaningful Use Objective 15

by Jerome Carter on December 12, 2011 · 0 comments

Each of the three previous posts in this series addressed a different aspect of security: information security principles, HIPAA changes in the HITECH Act, and the components of the HIPAA security rule. The subject of this post is meaningful use objective 15, which states: Objective: Protect electronic health information created or maintained by the certified […]

{ 0 comments }

Be Warned, Now HIPAA Has Teeth

by Jerome Carter on November 28, 2011 · 0 comments

Enacted in 1996, HIPAA has long been a source of irritation for healthcare organizations, but not much of a threat.    In fact, until recently, being hit by lightning was far more likely than being punished for violating any of the rule’s privacy or security provisions.  Naturally, many began to view HIPAA as a paper tiger.  […]

{ 0 comments }

Information Security: A Practical Guide

by Jerome Carter on November 9, 2011 · 0 comments

Information security is not a glamorous topic. However, HIPAA (1) has made it an unavoidable concern for those who use healthcare information systems.  Unfortunately, this very important topic is often presented in a way that is difficult to understand unless one is a security professional. My goal in this series of posts is to make […]

{ 0 comments }

Never Accept Cookies from Strangers

by Jerome Carter on October 24, 2011 · 1 comment

I like my privacy as much as the next guy, and I certainly do not appreciate anyone tracking my browsing habits without my knowledge. I became aware that I was being watched after shopping for lighting fixtures.  A few months ago, my wife and I looked at online lighting sites while trying to find a […]

{ 1 comment }