A combination of the new HIPAA omnibus rule, over 500 reported healthcare breaches, and emerging technologies such as cloud and mobile computing are causing a growing number of healthcare providers to seek specialist advice and support around IT and data security in 2013.
That is the view of Cliff Baker, managing partner for healthcare IT experts Meditology.
“Up until recently healthcare has been more about tick-box compliance but now I think there’s the realization that there have to be operational processes behind those requirements,” he said. “The industry is aware of that now and those points are re-enforced by the HIPAA new omnibus rule and the enforcement of the rule by the Office of Civil Rights.”
He added that in 2013 there will be a significant focus around managing the vendors who have access to patient information.
“Healthcare organizations have been undermining their investments by opening up the back door to vendors who don’t have the same security investments that they’ve made, and so we’re seeing a huge uptake in 2013 around helping healthcare organizations ensure that all the various vendors have the right controls in place before they access or store data,” he said.
Other key areas of concern in 2013 include identity management and access control, mobile devices and cloud computing.
“With cloud computing, there is very little transparency around the security controls that are in place once that data leaves the hospital, so helping clients figure out where that data is going, who can access that data and how the data is secured is a complex challenge that we’re getting a lot of requests to help our clients around,” he said.
HIPAA, IT advice, Meditology, healthcare risk management
