Data In Motion: How "HITECH" Is Your Doctor or Dentist?
Andrew Stratton
February 08, 2010
America is embracing the future of technology and moving forward with healthcare advances. In 2009, the US government passed the Health Information Technology for Economic and Clinical Health (HITECH) Act and spent $19 billion dollars to encourage hospitals and physicians to move toward electronic health records. Not surprisingly, on top of the list for concerns with this act is patient privacy and HIPAA compliance. Protected health information is more vulnerable over email, FTP, and other internet routes than it was in the decades of fax and mail. Medical practitioners must keep up with encryption standards for the safety of their patients and their practice.
HIPAA requires two types of personal patient data to be protected: "data in storage" and "data in motion." "Data in motion" is especially vulnerable to breaches in internet lines and email or FTP security, leaving the valuable data available for malicious use.
One of the core features of the HITECH Act was to update breach notifications required for protected health information. As expected, this change affects doctors, dentists, individuals, covered entities, and business associates as defined under HIPAA. Previously, any breach of protected health information required that HIPAA (and the individuals) be notified of unauthorized disclosures or use of their information. Under the revised requirements, notification is only necessary if the information was not encrypted.
While financial penalties can certainly be significant, the real burden involves notifying the media and individuals of the breach. This can be damaging to a physician or clinic´s reputation, which can be potentially devastating to business and patient satisfaction. As such, physicians and medical practitioners should thoroughly review their software and technology to ensure it meets the needs of HITECH, HIPAA, and their patients.
Even though most medical practitioners do not employ a full team of IT personnel, they should consider a full audit of their current data encryption and security. "Cloud computing" is a popular option for smaller practices and hospitals. It involves a reasonable monthly fee and off-site maintenance with software accessible from an internet browser or email client. This may be the most cost-efficient option for physicians interested in protecting their patients and their bottom line.
Protect your data in motion within a trusted and cost effective HIPAA /GLBA compliant portal and ensure peace of mind as you securely exchange and archive protected health information or large data files. To know more, visit http://www.manage-trak.com
HIPAA requires two types of personal patient data to be protected: "data in storage" and "data in motion." "Data in motion" is especially vulnerable to breaches in internet lines and email or FTP security, leaving the valuable data available for malicious use.
One of the core features of the HITECH Act was to update breach notifications required for protected health information. As expected, this change affects doctors, dentists, individuals, covered entities, and business associates as defined under HIPAA. Previously, any breach of protected health information required that HIPAA (and the individuals) be notified of unauthorized disclosures or use of their information. Under the revised requirements, notification is only necessary if the information was not encrypted.
While financial penalties can certainly be significant, the real burden involves notifying the media and individuals of the breach. This can be damaging to a physician or clinic´s reputation, which can be potentially devastating to business and patient satisfaction. As such, physicians and medical practitioners should thoroughly review their software and technology to ensure it meets the needs of HITECH, HIPAA, and their patients.
Even though most medical practitioners do not employ a full team of IT personnel, they should consider a full audit of their current data encryption and security. "Cloud computing" is a popular option for smaller practices and hospitals. It involves a reasonable monthly fee and off-site maintenance with software accessible from an internet browser or email client. This may be the most cost-efficient option for physicians interested in protecting their patients and their bottom line.
Protect your data in motion within a trusted and cost effective HIPAA /GLBA compliant portal and ensure peace of mind as you securely exchange and archive protected health information or large data files. To know more, visit http://www.manage-trak.com
Print
Email
