All healthcare entities that collect, store, use, or exchange protected health information have an obligation to their patients, by law and regulation, to protect that information. Multiple legislative and regulatory requirements exist to codify a healthcare entity's obligations and to provide the patient with recourse in the event that the protected health information is mishandled. To help organizations reach these goals, this section of the HIMSS Health IT Body of Knowledge contains information and resources on HIPAA, security risk analysis, disaster preparedness and business recovery and other relevant topics.
Privacy and Security
Kevin Johnson provided insights in regard to understanding the way hackers think to protect healthcare organizations.
Michael Parisi provided insights in regard to third party assurance as part of a risk management program.
Elaine Zacharakis, Esq. and Peter Blenkinsop, Esq. provided insights on the General Data Protection Regulation and best practices for healthcare organizations, including those in the United States.
This is the written transcript of the Code Red episode 1 "You Are the Next Target", which explores what cyber security in health care looks like in a post-Meaningful Use world.