In the current age of electronic health records, health information exchange, and the digitization of patient data, health data privacy and security are part of any discussion about information management system or application in healthcare and health IT. HIMSS13, the annual event put on by the Healthcare Information and Management Systems Society (HIMSS), officially beings this Sunday. Editors from HealthITSecurity.com and EHRintelligence.com will be providing coverage of news and announcements from HIMS13 in New Orleans.
Here is a sample of events with a focus on health data security and privacy we’ve got our eye on:
Monday, March 4
A Dialogue on HIPAA/HITECH Compliance: Room 255. Speakers Leon Rodriguez, Director of OCR, and Jim Wieland, an attorney at Ober, Kaler, Grimes & Shriver in Baltimore, Md., describe practical approaches for covered entities to remain compliant with the new HIPAA omnibus rule and provisions of the Health Information Technology for Economic and Clinical Health Act (HITECH).
Managing Privacy and Security Challenges of Patient EHR Portals: Room 294. Speakers Adam H. Greene, JD, MPH, and Jacki Monson, JD, CHC, address challenges for security and privacy resulting from patient EHR portals (e.g., amendment requests, inclusion in an information security risk assessment).
Improving Patient Outcomes through Secure Data Exchanges: Room 293. Speakers William Braithwaite, MD, PhD, FACMI, FHL7, and Michael L. Nelson, DPM, lead a roundtable discussion of the potential threat of PHI caused by increased sharing of patient information between providers and across networks.
Tuesday, March 5
Does Your Information Security Program Measure Up?: Room 294. Speakers Tom Walsh, CISSP, and Alan Bouit, CISSP, seek to answer the question, “How can you measure your organization’s information security program to obtain some confidence it is moving in the right direction and could pass an OCR audit?”
Update on OCR’s Health Information Privacy Enforcement and Audit Program: Room 294. Speakers Susan McAndrew, JD, and David Holtzman, JD, CIPP, provide an update concerning how the OCR will enforce HIPAA Privacy and Security, Breach Notification Rules, and audits to ensure the compliance of covered entities.
The Cyber ACO – Securing Integrated Delivery Systems from Cloud to Mobile: Hilton Riverside Versailles Ballroom (additional fee required). Speaker Bill Fox, JD, MA, explores the risks associated with the adoption of integrated delivery systems, such as accountable care organizations (ACOs), which can present risks to health data as a result of using cutting-edge systems and applications.
Wednesday, March 6
Top Five Information Risk, Security, and Privacy Considerations for BYOD: Booth 8247. Speaker John Pironti, President of IP Architects, describes the top privacy and security considerations for BYOD that healthcare organizations and mobile users should consider, such as learning the pros and cons of a BYOD strategy and acknowledging unique information risk, security, and privacy challenges associated with BYOD for both users and organizations.
Privacy and Security Challenges of Meaningful Use: New Orleans Theater B. Speakers Rich Cohan, MBA, FACHE, CHC, CCEP, and Adam H. Greene, JD, MPH, explain legal and practical privacy and security challenges in participating in the EHR Incentive Programs, namely HIPAA and state law.