Currently, questions of health information security and medical privacy are of utmost importance in the United States. Hardly a day goes by that we do not see a featured article or publication about some aspect of medical privacy, or a story about a security breach.
HIMSS has created a Privacy and Security Committee to guide implementation of strategic initiatives that promote the privacy and security of healthcare information and management systems. This Committee has set the following goal: "By 2014, all entities who use, send, or store health information meet requirements for confidentiality, integrity, availability and accountability based on sound risk management practices, using recognized standards and protocols." The committee helps HIMSS establish its strategic direction and official positions on issues relating to privacy & security.
In support of this goal, HIMSS has launched several work groups that are actively involved with industry changing activities to achieve this goal.
Announcements
New Toolkit on Patient Identity Integrity Available
HIMSS is pleased to announce the development of a new toolkit on patient identity integrity. Developed by the Patient Identity Work Group, the toolkit provides resources to enhance the industry's understanding of patient identity integrity and the many issues involved in reliably - and safely - matching patient identity across systems. This toolkit joins the Privacy and Security Toolkit and the Privacy and Security Toolkit for Small Provider Organizations as resources to help healthcare entities navigate many of the complex and rapidly evolving issues that are facing the healthcare industry.
Access the Patient Identity Integrity Toolkit
HIMSS Work Group Issues Paper on Mobile Device Security
The use of mobile computing devices in healthcare organizations is growing rapidly and will continue to do so into the future. As such, the aim of the mobile device security white paper is to provide information about mobile computing device security to healthcare information technology leaders and assist organizations with understanding the security and compliance ramifications of incorporating these devices into their environments.
Download the Mobile Device Security White Paper
ARRA (Stimulus Bill) Resources- Privacy and Security
Quick Guide to Navigating the P&S Provisions of ARRA
ARRA Chronological Listing of Key Privacy and Security Dates
Latest News:
HHS Audits the 1%...and the Rest: First HIPAA Privacy and Security Audits Begin
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has begun the process of notifying covered entities that they are among the unlucky few who have been selected for the first Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and security audits under the Health Information Technology for Economic and Clinical Health (HITECH) Act.
OCR Announces HIPPA Audit Program
The Department of Health and Human Services Office of Civil Rights recently announced that it will initiate a pilot program to perform up to 150 audits of covered entities to assess privacy and security compliance. The pilot program is an initial step by OCR to fulfill its requirements under the HITECH Act to provide for periodic audits to ensure covered entities and business associates are complying with the HIPAA Privacy and Security Rules and Breach Notification standards. The audits carried out under the pilot program are expected to begin in November of 2011 and continue through December of 2012. For more information please visit the OCR website.
