By Adam H. Greene, JD, MPH, partner and co-chair of the Health Information Practice of Davis Wright Tremaine LLP and former Senior Health Information Technology and Privacy Specialist at the HHS Office for Civil Rights, where he was responsible for applying the HIPAA Privacy, Security, and Breach Notification Rules to health IT.
If you are reading this, then it is likely that you, or someone...
Happtique, subsidiary of the Greater New York Hospital Association’s for-profit arm GNYHA Ventures, has suspended its mobile health app certification program after the CEO of a health IT firm posted a blog post exposing security issues with two apps Happtique had certified as secure. Harold Smith III, CEO of Monkton Health, posted the findings on his personal blog, according to a report over at...
Although the Department of Health and Human Services (HHS) recently updated the HIPAA privacy rule for the first time in more than a decade, the regulations still are not flexible enough to keep up with the pace of innovation in digital health, according to a newly published commentary in the Journal of the American Medical Association (JAMA). Plus, the authors contend, the new requirement that...
Source: KLAS
No surprise here: A new report from KLAS Research suggests that health care providers are concerned about security in the increasingly BYOD mobile healthcare environment.
Of the 105 CIOs, IT specialists, and physicians surveyed, 70 percent used mobile devices to access their electronic health records, including customers of nearly every major EHR (Epic, Cerner, GE, Allscripts,...
Newly finalized rules for Stage 2 of the "meaningful use" electronic health records (EHR) incentive program take into consideration some of the ways mobile technology has changed how healthcare professionals and patients access health information.
Notably, the 672-page rule, which the Centers for Medicare and Medicaid Services (CMS) released Thursday, requires providers to conduct a risk...
In developing policies for managing data handled by and stored on mobile devices, healthcare organizations should look beyond privacy and security and consider the legal ramifications of mobile health information, the American Health Information Management Association (AHIMA) says.
"While much has been written stressing how extremely important security and privacy issues are in the use of mobile...
ONC's Dr. Farzad Mostashari
Most mobile phones on the market today meet no more than 40 percent of security requirements -- such as those called for by HIPAA or proposed "meaningful use" Stage 2 standards -- in the out-of-the-box configurations, according to the Office of the National Coordinator for Health Information Technology.
And even after being manually configured, only iPhone and...
Department of Veterans Affairs CIO Roger Baker may have circumvented around some federal protocols in deploying iPhones and iPads to VA personnel, but he did not violate strict security standards, according to an audit by the department's Office of Inspector General.
In rolling out mobile devices to physicians and other VA personnel last year, the department knew that neither Apple iOS nor the...
Last week the US Department of Homeland Security issued a policy paper that highlights the various security and privacy concerns that surround the use of mobile devices in healthcare and connected medical devices. DHS paints a rather grim picture of the current trend, including a warning against BYOD:
"If IT administrators don’t implement the correct mobile device for the right job or are slow to...
Purdue University Professor Anand Raghunathan
Researchers working at Purdue University and Princeton University have developed a proof-of-concept device, called MedMon, that blocks hackers from hijacking or interfering with wireless medical devices, like pacemakers, insulin pumps, or brain implants. The researchers were motivated to work on the problem after discovering how easy it was for...
