Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and EHR for FREE!

Health IT Security: What Can the Association for Computing Machinery (ACM) Contribute?

Posted on February 24, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

A dazed awareness of security risks in health IT has bubbled up from the shop floor administrators and conformance directors (who have always worried about them) to C-suite offices and the general public, thanks to a series of oversized data breaches that recentlh peaked in the Anthem Health Insurance break-in. Now the US Senate Health Committee is taking up security, explicitly referring to Anthem. The inquiry is extremely broad, though, promising to address “electronic health records, hospital networks, insurance records, and network-connected medical devices.”
Read more..

EMR Data and Privacy

Posted on November 21, 2011 I Written By

Priya Ramachandran is a Maryland based freelance writer. In a former life, she wrote software code and managed Sarbanes Oxley related audits for IT departments. She now enjoys writing about healthcare, science and technology.

From MinnPost.com, a post on Sen. Al Franken’s second hearing as chairman of the Senate Subcommittee on Privacy, Technology and the Law. Franken’s take was that federal agencies tasked with enforcing digital privacy are not doing so. While we might be aware on some subliminal level about the lack of enforcement, when presented in sheer numbers, the statistics are shocking.

According to the MinnPost article:

“Total, there have been 364 “major breaches” of 18 million patient’s private data since 2009, Franken said. Meanwhile, enforcement of data privacy laws have been lax — out of the 22,500 complaints the Health and Human Services Department has received since 2003, it’s levied only one fine and reached monetary settlements in six others. Of the 495 cases referred to the Department of Justice, only 16 have been prosecuted.”

Here on the HHS website, you can see all the breaches affecting 500 or more people (sort by Breach Date to see recent breaches). Even with all the rules around reporting, effectively, given the lack of enforcement, hospitals and care organizations stand to gain the most in this lax enforcement landscape. I’d be curious to know the process of fining and reaching settlements, whether it is proportional to the amount of data stolen/lost. More importantly, I’d like to know what organizations are doing differently if data thefts have been identified – the worst thing for an organization would be to pay the fine, and continue with the same faulty processes that led the breach in the first place.

EHR Incentives (HITECH Act) Likely Safe With New Congress

Posted on November 8, 2010 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Gov Info Security recently published their thoughts on the possible effects of the new Congress on the EHR incentive money known as the HITECH act.

Republicans, however, have made it clear that they’ll look for any opportunity to repeal some or all of the healthcare reform package. Observers say that means the HITECH Act likely won’t get as much attention, even though the EHR incentives are funded by President Obama’s economic stimulus package.
“One of the things that the Republican ‘pledge to America’ includes is a plan to take away any unobligated stimulus money,” says Dave Roberts, vice president of government relations at the Healthcare Information and Management Systems Society. “I don’t think that’s going to apply to the HITECH provisions. Folks on the Hill tell me that health IT is a bipartisan issue. Democrats and Republicans see it as a way to improve healthcare.”

Nevertheless, Republicans will closely scrutinize all spending, Roberts acknowledges. “And they’re going to take a close look at all the provisions of the HITECH Act to make sure they’re being implemented as directed by Congress.”

Even if the presumed new speaker of the House, John Boehner, R-Ohio, was to push for spending cuts, such as eliminating the EHR incentives, getting such a proposal approved would prove very difficult, Roberts argues. “With the two chambers of Congress controlled by different parties, getting them to agree on something will be next to impossible,” he says.

In addition, President Obama, who is strongly supportive of healthcare IT, likely would veto any cuts in HITECH spending, notes Rob Tennant, senior policy adviser for the Medical Group Management Association. And overriding a veto would prove extremely difficult.

I tend to agree. Certainly something crazy could happen (it’s government work after all), but I think the likelihood of HITECH Act funding being taken away is pretty slim. As it describes above, it would take a really unique piece of legislation to get it through the house, senate and then the President. I just don’t see that happening at all.

Plus, I thought the point of the money being so far along in the regulation process is another good reason. Although, since checks haven’t been paid out yet, I’m guessing that there’s still potential that they’ll put it on hold. Just seems really unlikely to me.

2010 Election Results Impact on EMR Stimulus Money and Other Health IT Policy

Posted on November 3, 2010 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Many in the health care IT and EMR world have been waiting to see the election results from last night. There’s been a reasonable fear about what impact the election results might have on the EMR stimulus money and other healthcare IT policies. The HIMSS blog described some of the details of the changes we saw last night:

The United States Senate has stayed in Democratic control, but with a much smaller majority. Senate Majority Leader Reid from Nevada survived a tough re-election, but is much weakened going forward. Senate Democrats will now have to look at whom they want to lead the Senate over the next two years. They will vote by secret ballot in the near future.

The United States House of Representatives will now be controlled by the Republicans when the 112th Congress convenes in January 2011. President Obama called the presumptive next Speaker of the House, Rep. John Boehner, last evening to congratulate him on his party’s victory and promise to work with him. With the House and Senate held by different parties, compromise will be even harder to find in the 112th Congress.

The current 111th Congress will reconvene in a few weeks to complete unfinished business before adjourning permanently either this month or next month.

I’m not so sure I agree that Reid has been weakened so much by the results of this election. He won and he’s seen as a guy who is great at strategy in Washington. So, I have a feeling that he’ll be back as Senate Majority leader again with just as much power. I say this as someone living in Nevada.

This part aside, I think the fact that the Republicans only took control of the house and not the senate likely is a good thing for the EMR stimulus. I heard one person tell me that the EMR stimulus money has pretty good bipartisan support in the government. I think this is generally true and that it will only be taken away if it’s a casualty of the unspent ARRA stimulus money and not because they specifically didn’t want to spend money on EMR.

I still think this is a possibility, but I personally believe it’s a small possibility. I don’t think the Senate will really allow that to happen. Instead they’ll focus on other things (possibly healthcare reform instead).

I’m interested to hear what other people think. What other effects will the election have on healthcare IT policy?

Mass Senate Seat and EMR Reform

Posted on January 28, 2010 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

SRSsoft, an EMR vendor, put out an interesting press release putting the lost democratic senate seat in Massachusetts with healthcare reform and EHR adoption. Here’s a quote from the press release:

“The question is not whether we need healthcare reform,” says Evan Steele, CEO, SRSsoft. “Rather, the voters voiced their concern that reform must benefit consumers and physicians, not just government, insurance companies, and vendors. This election must open the government to input from all stakeholders, and that is a good sign for the constituents of SRS—the physicians—who feel that their voice is not being heard on healthcare reform and on EHR adoption.”

Honestly, I don’t see the change in the Senate seat affecting EMR adoption at all. However, I think it will have a big impact on healthcare reform. I’ve said before that the healthcare reform has opened our eyes to the government processes in ways we’d never seen before. I think that the HITECH act has done much of the same for those of us interested in EMR legislation and rule making.