Resources for Health Insurance Portability and Accountability Act (HIPAA)

How Will You Secure Your Company Data?

www.computerworld.com

For IT security professionals, 2003 promises to be a year filled with old and new challenges. Whether balancing the needs of security with the push for greater access to data, coping with government mandates or planning for possible budget cuts, IT security managers have their hands full.
Frank M. Richards is already scrambling to deal with those challenges. As CIO at Geisinger Health System, a health care network in Danville, Pa., that serves more than 2 million people, he faces an April deadline for compliance with the federal Health Insurance Portability and Accountability Act (HIPAA). The law will require health care organizations to safeguard patient data from unauthorized access and disclosure.
But HIPAA sets goals without giving specifics on how to get there, so Richards must balance the legal requirements with a demand from health professionals for ease of access -- a daunting challenge.
"This can be particularly problematic in the medical field, where care providers are under tremendous time pressures," he says. Understanding workflow, assessing risk and educating users are all key components of a security system that achieves the correct balance between access and control, he says.
Geisinger's Electronic Medical Record (EMR) program focuses on easing access to data. It lets physicians at 50 clinics use mobile devices to order medications, receive alerts, enter patient progress notes and communicate with patients. Another program, MyChart, lets patients access their medical information via the Internet.

View the Resource

Share or bookmarklet this web page at: