What else can and should be done to protect PHI?

With the number and depth of breeches that have occurred during 2014 it only stands to reason that security issues are going to be a top priority in 2015. Even if healthcare facilities and vendors are following all the rules, breaches are still occurring.

NEMT CEO Linda Sullivan

NEMT recently added Penetration Testing and Vulnerability Scanning to its arsenal and results of each were at the top of the acceptable range.

In addition, it likely will become routine for hospitals to require that their vendor be able to deliver a SOC 2 Type II report. In very simplistic terms, and it is anything but simple, SOC 2 (Service Organization Controls) is a report on controls at a service organization relevant to security, availability, processing integrity and confidentially or privacy.

There are more software programs running on hospital systems than ever before, more patient information being captured electronically, and more people with their fingers in the pie. Beyond the human factor in HIPAA requirements and some software and hardware requirements, today’s software is more complicated and requires more sophisticated and thorough means of security.

This will be an evolving picture over the next several years presenting both a challenge and an opportunity – a challenge to maintain the security of patient health information and an opportunity to design and produce better security products.

Share and Enjoy:
  • Print
  • Facebook
  • Google Bookmarks
  • Tumblr
  • Twitter
  • LinkedIn
  • PDF
  • RSS

No related posts.

This entry was posted in Business, HIPAA and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>