Health Information Compliance Alert
What's The Biggest HIPAA Issue For EHR Implementation?
PDF
Question: What is the biggest issue you’ve seen with HIPAA and the electronic health record (EHR) implementation process?
Answer: “One of the problems that I’ve seen has to do with the security, the implementation that’s been done for the system itself,” Sheldon-Dean says. “I’ve seen that the vendor comes in to do a lot of the implementation.”
After the vendor leaves, make sure you review the security of all the EHR software, Sheldon-Dean advises. And make sure the vendor doesn’t leave the software open, “because I have run into situations where the vendors have left behind a relatively insecure installation.” Also ensure that the vendor configures the EHR correctly.
Another issue is remote access to the EHR. Make sure you have good controls for remote access and think about how you can secure all devices, Sheldon-Dean recommends. “Will there be any health information winding up on those devices or not, and then how can you secure those [devices] if you do wind up with health information on them?”
Although having the EHR available remotely to healthcare providers is often very useful, “just make sure you do that carefully,” Sheldon-Dean warns. “Have some good policies and procedures, and of course training for the individuals.”
Health Information Compliance Alert
- Case Study:
Watch Out For Sophisticated Malware Breaching Your Systems From Overseas
Pay attention: Massive breach teaches you four crucial lessons. The latest HIPAA breach is the [...] - EHRs:
Meaningful Use: Get Your 2014 CEHRT Now
Good news: You’re getting another year for Stage 3 compliance. If you’re not already using [...] - Ask Yourself 5 Questions To Gauge Your Breach Vulnerabilities
Tip: Look for all opportunities to encrypt PHI in your organization. Although many industry experts [...] - Reader Question:
What's The Biggest HIPAA Issue For EHR Implementation?
Question: What is the biggest issue you’ve seen with HIPAA and the electronic health record (EHR) [...] - Reader Question:
Does Breach Of Single Person's PHI Require Notification?
Question: What must we do in terms of breach notification if we mail a statement [...] - Enforcement News:
How Data Breach Settlement Sets 'Unfortunate Precedent'
Plus: How your BAs can get you into a big breach mess. Forget a class [...] - Reader Question:
Do BAs Need To Have HIPAA NPPs?
Question: Does a business associate (BA) need to have a HIPAA Notice of Privacy Practices (NPP)? [...]