By Shawna Doran, Senior Manager, Tueoris, LLC and Dan Goldstein, Partner, Tueoris LLC In the run-up to May 25, 2018, many businesses that thought they were well-prepared to meet their …
PRIVACY
Alternatives to Consent: New Approaches to Processing Patient Data for Current and Future Clinical Research
Introduction Pharmaceutical and biotech companies sponsoring clinical research have traditionally relied on patient consent as the legal basis for processing personal data, sensitive personal data and biologic material for …
Security Logging and Monitoring for EHRs
If you are like most medium or large healthcare providers these days, your Electronic Health Record (EHR) environment is likely a very complex one. Such complexity brings with it a …
Is your auditor or consultant anything like the OPM OIG?
The OPM breach has been deservedly in the news for over a month now. Much has been written and said about it across the mainstream media and the internet1. …
No, Security Privacy Is Not A Hindrance To TeleHealth Adoption
Since I follow the teleheath space rather closely from a security/privacy perspective, I was drawn yesterday to this article titled “How Health Privacy Regulations Hinder Telehealth Adoption”. From my experience, …
Patient Portals Make or Break
Like many other Health IT initiatives today, the primary driver for patient portals is regulatory in nature. Specifically, it is the Meaningful Use requirements related to view, download or transmit and …
That Odd Authentication Dichotomy Needs To Change
By now, it should be clear that we need to consider strong (multi factor) authentication for access to anything of value. In an age and time when most public email services …
Beware of Security Best Practices and Controls Frameworks
What could be possibly wrong with “Best Practices” or “Leading Practices” that your favorite security consultant might be talking about? Or for that matter, how could we go wrong if we used …
How useful is the HHS OIG report published this week?
I am sure some of you saw this news report about HHS OIG finding some security related deficiencies in the EHR certification program. I was keen to read the full …