Note From Iatric Systems: Thank you very much to Carl Smith, CIO of King's Daughters Medical Center, for sharing his thoughts with us, and our blog readers, about protecting patient privacy.

Brookhaven, Miss., a town with a population of about 12,000 residents, is where I call home. Living in a small town in southwest Mississippi has its advantages. We are a close-knit community where relationships are built and last a lifetime. This culture of community spreads into most facets of life including local business. We look out for one another and want our community to strong, safe, and secure. In the healthcare arena, this has become an ever-evolving challenge with information privacy and security.

Based on an Interview with Seana-Lee Hamilton
Privacy Officer for Fraser Health in British Columbia

Peanut butter and jelly; milk and cookies; Canada and hockey — some things just go together. One more to add to the list — data security and patient privacy. You just can’t have effective and robust patient privacy without security. How secure is data that isn’t private?

Even though Security Audit Manager™ (SAM) had already been named KLAS category leader three years in a row, before KLAS made their announcement earlier this year, we couldn't help but feel hope, excitement, and nervousness, too. We were confident, but we wondered, "Could we, with the help of our customers, do it again for a fourth consecutive year?"

Based on an Interview with Dan Rossi
Director of Health Information, Privacy and Compliance Officer, Harrington Memorial Hospital

When Privacy and Compliance Officer Dan Rossi talks about protecting patient privacy, he preaches vigilance in this age of technological convenience.

Healthcare organizations are finding themselves having to do more with fewer resources, and this resource limitation is most visible in data security and patient privacy. Additionally, the industry as a whole sees more and more data breaches in healthcare facilities of all shapes and sizes. This is putting even further stress on hospitals to protect data from the inside out, as the penalties related to breaches, financial and otherwise, can be severe. 

I have spoken with a lot of patient privacy auditors and compliance officers, and the most common question that I get is:

 “Where do I start?”

They go on to say, "Now that all the data is captured from the different systems that contain PHI, and we have information about the users and patients, what’s next?"

I recently read an article in Healthcare IT News, Myth busted: Machine learning software isn’t enough, and the title caught my eye.

Mac McMillan, CynergisTek CEO was quoted in the article, and brought up an interesting point of view about machine learning.

It has been more than a decade since the HIPAA Security Rule established technical safeguards which require organizations to audit access to electronic protected health information. Since then, auditing programs have continued to grow in size and scope.

Iliana Peters, OCR’s Senior Advisor for HIPAA Compliance and Enforcement, was the featured speaker in the September 19 HealthcareITSecurity.com webinar sponsored by Iatric Systems. Her topic: "What Covered Entities Need to Know about OCR HIPAA Audits." As national lead for OCR enforcement of the HIPAA Rules, she’s uniquely qualified to give us an update on HIPAA audits.