Home » Headlines » Currently Reading:

Morning Headlines 8/5/14

August 4, 2014 Headlines 5 Comments

The Office of the National Coordinator for Health Information Technology’s Oversight of the Testing and Certification of Electronic Health Records

An OIG investigation finds that the ONC’s EHR testing and certification standards do not test EHR security features enough to adequately ensure that patient information is protected.

State will replace CGI, health exchange vendor

Vermont is the next to join a growing list of states that have fired CGI as their primary health insurance exchange firm. Starting in September, development responsibilities will be handed over to Optum as part of a $5.7 million deal.

Actionable Recommendations in the Bright Futures Child Health Supervision Guidelines

A new study published in Applied Clinical Informatics finds that only 20 percent of the preventative health care guidelines followed by US pediatricians are defined in a way that would allow them to be integrated into EHR clinical decision support tools.

DeSalvo says providers, hospitals on track for EHR Stage 2

With just 10 eligible hospitals attesting for Stage 2 MU thus far, national coordinator Karen DeSalvo, MD, reports “We know from past experience with meaningful-use Stage 1, for example, that people wait to attest until the eleventh hour,” adding “It seems on track with where we expect it to be, and we’re watching it closely.”

View/Print Text Only View/Print Text Only


HIStalk Featured Sponsors

     

Currently there are "5 comments" on this Article:

  1. #Security

    What me worry? The OIG findings should come as no surprise. Security in EHR has gotten short shrift from govy and vendors alike. This has been known for years, and has been on Deb Peel’s agenda.

  2. The soporific NIST SP 800-60 volume 2, in appendix D.14, clearly(?) defines the health care security considerations for federal systems. Among other things, the highest consideration is for data availability and integrity, with medium importance for confidentiality. Why? If data is unavailable or corrupted, it could harm patients. Loss of confidentiality is a lesser harm. This is too-often ignored. I wonder if the OIG’s testing treats EHR data availability and integrity accordingly. My bet is that they do not.

  3. To have really safe patient data we would need to find a replacement for the zero security of HL7. No encryption at all. Can anybody see that happening? Too many people too invested.

    Until then you can implement dual factor auth, audit trails and any other security feature you want… but a 16 year old can use off the shelf free software to sniff most patient data.

    Security is just a talking point. The legacy architecture just doesn’t support it.

  4. Lol security, indeed. HL7 is a format, security is orthogonal to format.

    Security can be, and in many paces is very much present – encryption on the wire can be achieved via VPN connections between the end points, or via SSL connections. Encryption at rest can be achieved via database encryption or disk encryption.

  5. With only ten hospitals attesting to EHR Stage 2 with only two months left in the fiscal year, I think it’s time to be concerned.







Subscribe to Updates

Search


Loading

Text Ads


Report News and Rumors

No title

Anonymous online form
E-mail
Rumor line: 801.HIT.NEWS

Tweets

Archives

Founding Sponsors


 

Platinum Sponsors


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Gold Sponsors


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Reader Comments

  • Brian Too: While I'm usually pretty forgiving about individual stylistic variations, I will say that I found Ed's final paragraph e...
  • From the Inside: It's great to see that Ed was so impactful on the NYC H+H IT "broken division" in his continuing quest to save the worl...
  • AynRandWasDumb: This article is so vague it amounts to platitude. What is my takeaway as a reader? That Ed did such a great job and he h...
  • Brian Too: I've always loved AC/DC. One tidbit others might enjoy. The movie "School of Rock" performed an awesome cover of "It...
  • Steve Natz: I have been a reader of HIStalk for several years and have always enjoyed these articles along with the industry news to...

Sponsor Quick Links