Visit these other HIMSS sites:
Skip Top Navigation
Privacy and Security

Health information security and medical privacy are of utmost importance in today's healthcare environment. HIMSS provides guidance and resources to assist healthcare entities navigate many of the complex and rapidly evolving issues that are facing the healthcare industry.

The HIMSS Privacy and Security Committee guides the implementation of strategic initiatives that promote the privacy and security of healthcare information and management systems. Its goal: "By 2014, all entities who use, send, or store health information meet requirements for confidentiality, integrity, availability and accountability based on sound risk management practices, using recognized standards and protocols."

HIMSS has launched several work groups that are actively involved with industry changing activities to achieve this goal.

Latest News & Annoucements

HIMSS Launches Three New P&S Toolkits
In an effort to continue to provide privacy and security guidance and resources to healthcare organizations, HIMSS has recently launched three new privacy and security toolkits. The toolkits cover a range of relevant issues including cloud security, mobile security and risk assessments. Visit these toolkits today! For a list of all 6 P&S Toolkits, visit the P&S Toolkits Directory.

ONC seeks good practices for mobile device privacy and security
As part of the government's mHealth Initiative, federal officials have launched a project to identify the best ways to protect health information while using mobile devices. More Information

New Toolkit on Patient Identity Integrity Available
HIMSS is pleased to announce the development of a new toolkit on patient identity integrity. Developed by the Patient Identity Work Group, the toolkit provides resources to enhance the industry's understanding of patient identity integrity and the many issues involved in reliably - and safely - matching patient identity across systems. This toolkit joins the Privacy and Security Toolkit and the Privacy and Security Toolkit for Small Provider Organizations as resources to help healthcare entities navigate many of the complex and rapidly evolving issues that are facing the healthcare industry.
Access the Patient Identity Integrity Toolkit

HIMSS Work Group Issues Paper on Mobile Device Security
The use of mobile computing devices in healthcare organizations is growing rapidly and will continue to do so into the future. As such, the aim of the mobile device security white paper is to provide information about mobile computing device security to healthcare information technology leaders and assist organizations with understanding the security and compliance ramifications of incorporating these devices into their environments.
Download the Mobile Device Security White Paper

HIMSS Releases 4th Annual Security Survey Results
The survey reports the opinions of information technology (IT) and security professionals employed by hospitals and ambulatory care providers on key issues surrounding the tools and policies in place to secure electronic patient data at these healthcare organizations.
Read the HIMSS Security Survey Report.

HHS Audits the 1%...and the Rest: First HIPAA Privacy and Security Audits Begin
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has begun the process of notifying covered entities that they are among the unlucky few who have been selected for the first Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and security audits under the Health Information Technology for Economic and Clinical Health (HITECH) Act.

OCR Announces HIPPA Audit Program
The Department of Health and Human Services Office of Civil Rights recently announced that it will initiate a pilot program to perform up to 150 audits of covered entities to assess privacy and security compliance. The pilot program is an initial step by OCR to fulfill its requirements under the HITECH Act to provide for periodic audits to ensure covered entities and business associates are complying with the HIPAA Privacy and Security Rules and Breach Notification standards. The audits carried out under the pilot program are expected to begin in November of 2011 and continue through December of 2012. For more information please visit the OCR website.

Share |