Healthcare Organizations: Still Lagging Behind

By Author: Angela Martin
Total Articles: 206
Comment this article

In the past few months healthcare organizations became the reason of angst for many due to some scary IT mishaps and security breaches— that too after the new legal requirements introduced by HITECH in 2009. Lack of progress made in preparation of protected health information results in security breaches. According to HIMSS, no relative changes were made or adopted by healthcare medical centers since the last time they had assessed the market. The present scenario is somewhat similar— low budget for information security and absence of formally designated CSO/CISO.



What to do in case of possible threat or security breach?


Even if threats or incidents relating to a security breach are identified, most of the healthcare organizations do not have a well planned strategy to respond to it and counter it. According to the market assessment done in 2008, only three quarters of the respondents perform risk assessments of which three quarters have disclosed their fear of potential risk to the patient data. This was again due to the inadequate security controls, policies and/or policies.


Breach notifications may only be provided to patient if the healthcare medical centre has a well positioned automated/electronic means to analyze log data. Now organizations widely use tools such as firewalls and user access controls but to avoid incidence of medical identity theft the healthcare centers should make an optimum use of the available technologies to secure data, such as encryption to secure data in transmission.


Stay prepared and guarded.


It is going to get only complicated. So to stay compliant, understand the new legal guidelines and adopt the changes.


We provide the latest news of Healthcare IT strategy in healthcare organizations according to Lag on HIT Security and offers advanced Learning Opportunities for healthcare executives, hospitals and physicians.