Privacy and Security

Tuesday, September 18, 2007

EHR Systems Remain at Risk for Security Breaches, Study Finds

Electronic health record systems remain vulnerable to security risks despite advances in developing certification processes for EHR systems, according to a 15-month study by the eHealth Vulnerability Reporting Program, Healthcare IT News reports.

The researchers surveyed more than 850 provider organizations and tested seven EHR systems, including five that had been certified by the Certification Commission for Healthcare IT. The study evaluated current industry information practices and benchmarked health data security practices against other industries.

Findings

The study found that:

  • Product certifications do not address application hardening or known vulnerability reporting but help evaluate functionality, interoperability and security capabilities (Monegain, Healthcare IT News, 9/17);
  • EHR vulnerabilities could be identified using standard tools and techniques; and
  • EHR vendors either are not disclosing or are inadequately disclosing vulnerabilities to customers, preventing organizations from appropriately managing risks or adopting controls.

In addition, researchers could not identify an organization that has established guidelines to appropriately manage risks associated with EHR systems, prompting the conclusion that no organization has the responsibility, charter or mission to address security vulnerabilities in EHR systems (eHVRP press release, 9/17).

The study advocated security enhancements to EHR products and strategies to manage the risk of privacy breaches (Healthcare IT News, 9/17).



Readers are invited to send feedback to: ihb@chcf.org
