Privacy & Security

Two healthcare cybersecurity experts who will be speaking at the upcoming HIMSS Healthcare Security Forum offer comprehensive advice on everything from breach containment to security operations centers.

Despite HIPAA's right of access rule, and CMS and ONC prioritizing consumer access in their forthcoming 21st Century Cures regs, a new scorecard shows that providers have some work to do.

While Google apparently signed a business associate agreement with Ascension, and the scope of the data sharing appears to be in line with HIPAA allowances, there are still many questions about how the patient information is being put to use.

An online survey from the Open Data Institute and YouGov published today, found that 59% of the British public trust the NHS and healthcare providers to use their personal data ethically.

Grahame Grieve, FHIR product director for HL7 International, says in addition to being a standard for exchanging healthcare data, FHIR is a community of people who aims to create a "public treasure" that we all own.

With the initiative, reportedly called Project Nightingale, the health system and tech giant have been collecting and analyzing detailed medical records, including names and birth dates, according to the Wall Street Journal.

Sharing of threat information across stakeholders helps create situational awareness – not just for individual organizations but for the healthcare industry as a whole, says one expert.

The health system will pay $3 million to settle with OCR and take corrective action after protected health information was left unencrypted on lost and stolen mobile devices.

Knowing what to do is only half the battle, say keynote speakers Michael Coates and Dr. John Halamka. Next month's event will also focus on how to make good practices ubiquitous.

The network-based cybersecurity technology acts as an early warning system, giving the CISO and his team a high degree of visibility into network activity.