Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

EHR and mobile device auditing, security requires vigilance

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 6 Sep 2013 07:40:29 +0000 (UTC)
http://healthitsecurity.com/2013/09/04/ehr-and-mobile-device-auditing-security-requires-vigilance/

By Dom Nicastro
Health IT Security
September 4, 2013
If you need a few reasons to adapt to the latest security advancements, just look at the calendar for September and circle the “23”. That’s compliance day for the HIPAA Omnibus Rule, which modifies the privacy, security and enforcement rules. There are 659 more reasons – one for every large patient-information breach – on the Office for Civil Rights (OCR) Breach Notification Tool as of late August.
Security today, naturally, goes beyond the traditional “shred the paper” techniques and two of the biggest issues are related to EHRs and mobile devices. HealthITSecurity.com caught up with a security officer whose organization is paying close attention to those two aspects of the securing protected health information (PHI) game. Nancy Davis, MS, RHIA, CHPS, system director of privacy and security for Ministry Health Care in Milwaukee, offered some details about some of the latest advancements her organization has made and how it ensures security. 


EHR access auditing
While the jury is still out on a final rule on accounting of disclosures and proposed EHR access reports, looking into auditing in EHRs is a must for organizations, Davis said. “Face it by now most organizations have the EHRs but are lagging in the auditing area either due to the constraints of the EHR application and/or the need to finance external auditing applications,” Davis maintained.
Ministry Health Care handles EHR access auditing through a combination of internal and external auditing applications. What’s a good first step if an organization is implementing this type of auditing? Have some type of tool – you have to have this. 

[...]


--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
Previous By Date Next
Previous By Thread Next

Current thread: