Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and EHR for FREE!

EMR Security, Afghanistan EMR, and Regina Holliday EMR Video

Posted on August 26, 2012 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Time once again for our roundup of interesting tweets from around the EMR twittersphere. We really go around the world with one of these tweets. Hopefully you find them useful and interesting.

I don’t think most of you know that I’m also working on a redesign of my websites. It’s still got a little ways to go, but I think it’s coming together nicely. It’s going to add some features I’ve wanted for a while and make the design look a lot better. I’ve had the current design for more than 6 years, so it was time. One of the best features of the new website is Twitter embeds. I can’t wait!

Without further ado, a few EMR and health IT tweets with some of my own commentary:

I always love when people talk about the huge EMR security risk. When you look at the breach list and the healthcare data security issues, EMR barely shows up. There are so many other security issues with medical practices that are much more vulnerable. Not that we should give EMR security a pass, but EMR security is likely one of the most secure things in a medical office. So, this is good advice.

I always love to hear how the military uses EMR. They use EMR in some of the most challenging places imaginable. I think we can learn a lot from their experiences.

I think this is a really interesting contest by ONC. I’m looking forward to see more of the videos that are created. My fear is that most of the videos will be EHR companies that push their power EMR users to make something. We’ll see how it turns out.

EMR Data and Privacy

Posted on November 21, 2011 I Written By

Priya Ramachandran is a Maryland based freelance writer. In a former life, she wrote software code and managed Sarbanes Oxley related audits for IT departments. She now enjoys writing about healthcare, science and technology.

From, a post on Sen. Al Franken’s second hearing as chairman of the Senate Subcommittee on Privacy, Technology and the Law. Franken’s take was that federal agencies tasked with enforcing digital privacy are not doing so. While we might be aware on some subliminal level about the lack of enforcement, when presented in sheer numbers, the statistics are shocking.

According to the MinnPost article:

“Total, there have been 364 “major breaches” of 18 million patient’s private data since 2009, Franken said. Meanwhile, enforcement of data privacy laws have been lax — out of the 22,500 complaints the Health and Human Services Department has received since 2003, it’s levied only one fine and reached monetary settlements in six others. Of the 495 cases referred to the Department of Justice, only 16 have been prosecuted.”

Here on the HHS website, you can see all the breaches affecting 500 or more people (sort by Breach Date to see recent breaches). Even with all the rules around reporting, effectively, given the lack of enforcement, hospitals and care organizations stand to gain the most in this lax enforcement landscape. I’d be curious to know the process of fining and reaching settlements, whether it is proportional to the amount of data stolen/lost. More importantly, I’d like to know what organizations are doing differently if data thefts have been identified – the worst thing for an organization would be to pay the fine, and continue with the same faulty processes that led the breach in the first place.