Overcoming Health Data Privacy Hurdle is Key for Healthcare

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://healthitsecurity.com/2015/04/30/overcoming-health-data-privacy-hurdle-is-key-for-healthcare/

Health data privacy and security problems are one of the top issues that
the healthcare industry is currently facing, according to former head of
the Office of the National Coordinator for Health Information Technology
(ONC) Dr. David Blumenthal.

Currently, Blumenthal is president of the Commonwealth Fund, and he
explained in a recent blog post on The Wall Street Journal that health IT
will have a hard time revolutionizing care unless health data privacy,
security, and interoperability issues are overcome.

“If people can’t trust the privacy and security of cloud-based health
records, they won’t feel comfortable using them,” Blumenthal wrote. “But
health-careinformation systems are currently no more secure than those of
retailers, banks or any other organizations connected to the Internet.”

Blumenthal added that current healthcare privacy and security regulations
“were conceived and implemented before the web existed,” and those
regulations aren’t able to offer adequate protections for today’s
healthcare organizations.

In terms of interoperability, Blumenthal explained that it is even more
crucial to have a smooth transition process as more facilities are using
EMRs, mobile devices, and personal sensors. All of these types of devices
need to be able to communicate clearly with one another, he said.

“Right now, many can’t exchange information,” Blumenthal said. “The reasons
are several but the most important is that health-care organizations are
fearful of sharing patients’ data since it will liberate their customers to
go elsewhere for their care.”

It is also detrimental when vendors charge fees for the secure exchange of
information. If healthcare organizations were able to share data across
different vendor products, then it would be much easier to switch out one
electronic health record for another, according to Blumenthal.

“Fortunately, these problems are mostly human in the making and can be
solved by humans if the will exists,” he said. “If we find a way, the
health-care future will be far brighter for all of us.”

Nationwide interoperability is an issue that the ONC is working toward, and
Chief Privacy Officer Lucia Savage underlined that point at HIMSS earlier
this month.

In an interview with HealthITSecurity.com, Savage said that individual
state laws and policies are a major hindrance in establishing nationwide
interoperability. Building a nationwide standard computerized system is a
long process, but one that the ONC is actively working toward.

“They want stuff to happen pretty fast,” Savage said, referring to some in
the industry who are enthusiastic, yet impatient about interoperability.
“But, when you’re talking about synchronizing policies and technologies,
provider behavior, consumer behavior, and culture change, that’s five
things you have to keep synchronized. That’s a lot of work and it takes
very careful planning.”

However, the ONC also updated its health IT privacy and security guide
earlier this month, which Savage said should help in improving health data
privacy and security.

“The privacy and security guide was the office of Chief Privacy Officer’s
attempt to take many of the guidances that historically had come from 2011
and compile it for small- to medium-sized practices,” Savage said.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!