BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Hospitals tighten security on patient data

From: security curmudgeon <jericho () attrition org>
Date: Thu, 19 Nov 2009 19:48:44 +0000 (UTC)


---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://fcw.com/articles/2009/11/18/hospitals-beefing-up-cybersecurity-to-comply-with-hitech-survey-says.aspx

By Alice Lipowicz
FCW.com
Nov 18, 2009

More than half of the nation's hospitals and health care providers 
surveyed intend to buy more cybersecurity tools to safeguard against 
breaches of electronic medical records as a result of requirements in the 
economic stimulus law, according to a new survey of 186 health care 
providers and associates.

The stimulus law has provision known as the Health Information Technology 
for Economic and Clinical Health (HITECH) Act, which took effect on Sept. 
23. It includes a broader definition of what patient health data must be 
protected against unauthorized release, increased penalties for violations 
and provides for aggressive enforcement. The law also requires providers 
to notify the Health and Human Services Department of all data breaches 
and to call media outlets if more than 500 residents in an area are 
affected.

As a result of the HITECH Act, 57 percent of the survey respondents said 
they would make additional investments in security tools or technologies, 
according to the survey by Healthcare Information and Management Systems 
Society Analytics released Nov. 17. The survey included got responses from 
150 executives with provider organizations and 26 executives with business 
associates.

More than 90 percent of the survey respondents said their organizations 
have either changed, or plan to change, their policies and procedures to 
prevent and detect data breaches. More than 75 percent plan to do 
additional staff training against breaches, and 75 percent are revising 
their organization's security policies and procedures. Forty-six percent 
said they would take all those steps.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php
Previous By Date Next
Previous By Thread Next

Current thread: