Home » Headlines » Currently Reading:

Morning Headlines 8/5/14

August 4, 2014 Headlines 5 Comments

The Office of the National Coordinator for Health Information Technology’s Oversight of the Testing and Certification of Electronic Health Records

An OIG investigation finds that the ONC’s EHR testing and certification standards do not test EHR security features enough to adequately ensure that patient information is protected.

State will replace CGI, health exchange vendor

Vermont is the next to join a growing list of states that have fired CGI as their primary health insurance exchange firm. Starting in September, development responsibilities will be handed over to Optum as part of a $5.7 million deal.

Actionable Recommendations in the Bright Futures Child Health Supervision Guidelines

A new study published in Applied Clinical Informatics finds that only 20 percent of the preventative health care guidelines followed by US pediatricians are defined in a way that would allow them to be integrated into EHR clinical decision support tools.

DeSalvo says providers, hospitals on track for EHR Stage 2

With just 10 eligible hospitals attesting for Stage 2 MU thus far, national coordinator Karen DeSalvo, MD, reports “We know from past experience with meaningful-use Stage 1, for example, that people wait to attest until the eleventh hour,” adding “It seems on track with where we expect it to be, and we’re watching it closely.”



HIStalk Featured Sponsors

     

Currently there are "5 comments" on this Article:

  1. #Security

    What me worry? The OIG findings should come as no surprise. Security in EHR has gotten short shrift from govy and vendors alike. This has been known for years, and has been on Deb Peel’s agenda.

  2. The soporific NIST SP 800-60 volume 2, in appendix D.14, clearly(?) defines the health care security considerations for federal systems. Among other things, the highest consideration is for data availability and integrity, with medium importance for confidentiality. Why? If data is unavailable or corrupted, it could harm patients. Loss of confidentiality is a lesser harm. This is too-often ignored. I wonder if the OIG’s testing treats EHR data availability and integrity accordingly. My bet is that they do not.

  3. To have really safe patient data we would need to find a replacement for the zero security of HL7. No encryption at all. Can anybody see that happening? Too many people too invested.

    Until then you can implement dual factor auth, audit trails and any other security feature you want… but a 16 year old can use off the shelf free software to sniff most patient data.

    Security is just a talking point. The legacy architecture just doesn’t support it.

  4. Lol security, indeed. HL7 is a format, security is orthogonal to format.

    Security can be, and in many paces is very much present – encryption on the wire can be achieved via VPN connections between the end points, or via SSL connections. Encryption at rest can be achieved via database encryption or disk encryption.

  5. With only ten hospitals attesting to EHR Stage 2 with only two months left in the fiscal year, I think it’s time to be concerned.







Text Ads


RECENT COMMENTS

  1. I think Disingenuous is confused (or simply not aware of how it has been architected). How control of Epic is…

  2. It seems that every innovation in the past 50 years has claimed that it would save money and lives. There…

  3. Well, this is predicting the future, and my crystal ball is cloudy and cracked. But my basic thesis about Meditech?…

  4. RE Judy Faulkner's foundation wishes: Different area, but read up on the Barnes Foundation to see how things work out…

  5. Meditech certainly benefited from Cerner and Allscripts stumbles and before that the failures of ECW and Athena’s inpatient expansions. I…

Founding Sponsors


 

Platinum Sponsors


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Gold Sponsors


 

 

 

 

 

 

 

 

 

 

RSS Webinars

  • An error has occurred, which probably means the feed is down. Try again later.