You are here

Privacy & Security


Healthcare technology, while providing patients and professionals with advanced care solutions, has weaknesses in protecting patient information, according to the Top 10 Health Technology Hazards for 2018 report conducted by ECRI Institute.

Blockchain solutions have piqued interest of the healthcare industry, positioning the technology as a fix to interoperability, privacy and security issues. A report conducted by Black Book presented current and planned measures in the implementation of blockchain.

Maintaining a high level of security in electronic medical records (EMRs) requires physicians have unique user IDs and passwords, but, according to a study published in Health Informatics Research, 73.6 percent of physicians have received the password of another staff member.

Researchers are developing platforms to securely and quickly send data to and from smartphones. A new mobile application developed to assist providers in meeting patient privacy regulation allows for the sharing and storing of patient-related photos, videos and audio.

The lack of cybersecurity in mobile applications meant to assist dementia patients and their caregivers could put patients' personal health information at risk, according to researchers at McLean Hospitals in Belmont, Massachusetts, and clinicians at Harvard Medical School. A study in the American Journal of Geriatric Psychiatry examined app security policies and provided recommendations.


Recent Headlines

Top 10 patient safety concerns released by ECRI Institute

ECRI Institute has released its annual top patient safety concerns for 2017, which aims to identify potential threats to patient safety while addressing challenges and offering suggestions and resources to address them.

HIMSS 2017: Experts encourage efforts to improve cybersecurity, breach response

Cybersecurity was one of the many highlighted topics during HIMSS 2017 in Orlando, with a number of presentations focusing on industry efforts to secure patient information and still be able to share such information. Hussein Syed, chief security information officer at RWJBarnabas Health, and Ladi Adefala, MBA, senior security strategist at Fortinet, discussed how healthcare must adapt to protect patients.

HHS releases guide on reporting, monitoring cyber security

The Department of Health and Human Services (HHS) has released a letter regarding cyber threats faced by healthcare organizations, including reporting and monitoring practices.

Henry Ford, VisionIT offer mobile communication to clinicians

Henry Ford Health System and VisionIT have partnered to offer CareTrail, a mobile application, to improve communication between clinicians. The platform provides clinicians with a tool that offers on-call scheduling, availability updates and additional workflow optimizations.

HIMSS 2017: Boehner & Rendell lead list of big-name keynote speakers

It’s time once again for HIMSS to host hospital management engineers, administrators and other industry professionals at its 2017 annual meeting.  HIMSS17—which runs Feb. 19-23 at the Orange County Convention Center in Orlando—is scheduled to include a variety of networking events and educational sessions, headlined by four highly acclaimed keynote speakers.

HIMSS 2017: How one hospital prepared for, and survived, a ‘hacktivist’ cyberattack

Sometimes, hackers aren’t motivated by money when they go after patient records. Luckily for hospitals and health systems, even so-called “hacktivists” can be stopped with the same defenses that fend off other cyberattacks.

2016: The year of the data breach

The healthcare system faced an inceasingly common occurance in 2016, with a report by Protenus Breach Barometer claiming there was, on average, one data breach a day.

OCR clarifies HIPAA disclosure after Orlando nightclub shooting

HHS’s Office of Civil Rights (OCR) has clarified that HIPAA’s rules on disclosing protected health information (PHI) are not limited by the sex or gender identity of the patient or their loved ones.

Presence Health first to be fined for delayed breach notification

HHS’s Office of Civil Rights (OCR) announced its first HIPAA enforcement action based solely on a healthcare facility not reporting a data breach in a timely manner. 

Foreign government suspected in Anthem cyber security breach

The California Department of Insurance has released its findings and settlement agreement in regards to the security breach of the insurance company Anthem. More than 78 million patient records, 12 million belonging to minors, were breached on January 27, 2015.